Hi I have a question in regards to CS-cart version 2.2.4 Banners Slideshow.
It uses Nivo Slider and the banner works fine on the normal site (http://www.smilefile.com.au/) but as soon as it goes to the secure URL it breaks (https://www.smilefile.com.au/).
The image to the links don't seem to be broken but it seems the javascript isn't running...
obviously, you include some javascript files from external domain by http, it causes the secure problem:
[blocked] The page at https://www.smilefile.com.au/ ran insecure content from http://ajax.aspnetcdn.com/ajax/jquery.validate/1.8/jquery.validate.min.js.
Try to read this question, it should help.
How to Include CSS and JS files via HTTPS when needed?
Related
I want to pre-open HTTPS connections (using a proxy) to every server that is linked in a Webpage, so that when a User clicks on a link the connection to the server has already been established.
Anybody got a hint how to achieve this with Firefox Addon SDK? I think I have to use a content script first to parse the Webpage for the links and then connect to every server using the '#mozilla.org/network/socket-transport-service' class?
use HTML5 rel="prefetch" or rel="preconnect" attribute on the link. IDK if this will work because the addon has to fire before the content is parsed as the DOM to take effect
I have a site with all secured content. Everything is loaded using https. I have verified this using fiddler2, the built-in debugger, and the DebugBar plugin. Nothing is loaded using http. Nonetheless, I am still getting the "Do you want to view only the webpage content that was delivered securely?" when I try to load the page in IE8. My users are complaining and I don't have a clue how to fix this. They are not computer administrators and cannot change the security policy for IE on their machines.
I figured out the problem and figured I'd post it here in case anyone else ever comes across this issue. The problem is that IE8 was treating the CSS background property with a relative URL as unsecure. So I had something like this:
.SomeRule
{
background: url('/SomeFolder/SomeImage.png') 95% 50% no-repeat;
}
and I had to change it to this to make the warning go away:
.SomeRule
{
background: url('https://www.SomeSite.com/SomeFolder/SomeImage.png') 95% 50% no-repeat;
}
I had a similar problem with a WordPress site where I recently added SSL. Obviously, something was being loaded with HTTP protocol, but what?
First, I checked the obvious:
I checked embedded page and post images for fully qualified paths using http protocol.
Then I checked links relative to the root as #datadamnation suggested in his solution.
Next I looked in my CSS to see if a background image URL used the http protocol.
I checked my plugins and my plugins CSS.
I checked the content in the sidebar widgets.
I checked the images loaded in the carousel slider.
Finally, I checked the theme's header image. When I looked at it using Firebug, I could see that it was still using http. To correct it, I had to remove the WordPress header image, and then add it back again and save. Refresh the page, and now the mixed content warning message is gone! It would have saved me a couple of hours of trial and error if I had done this first, so maybe you'll read this and save yourself some time.
I am helping migrate a legacy application. One of the requirements is we are able to handle requests for old images.
What we have is:
New site on new.com
Old site on old.com
Images to links (imported content) point to /imgs/cat.png however the actual image is hosted on old.com/assets/images/cat.png (for now).
<img src="/imgs/cat.png"/>
I setup a redirect for all png, jpg, jpeg, gif that 302's requests for new.com/imgs/(.*).(png|jpg|jpeg|gif) to http://old.com/assets/images/$1.$2
Everything works find in Chrome, Firefox and IE9 - however it was noted in IE8 the image does not render. Its possible that it has the same issue in IE7, 6 and 5.5 however I have not been able to test this.
Does anyone know why this is happening and how to fix?
I tried setting the contentType header on the response of the 302's to image/(png|jpg|jpeg|gif) and this did not have any impact.
Any insight would be appreciated.
Turns out the host that the images were served from was not a Trusted Site in IE, where as the host that served the page was. Normally youd see a popup asking if you wanted to accept an untrusted resource, however because this was a 302 redirect (original img URL was to the trusted, but 302'd to untrusted) IE never showed the popup.
I have a QR code image that's embedded from the Google Charts API. Recently it stopped working, but I haven't changed anything in my code.
Here's the page (note the broken images): [redacted]
As you can see, the images are embedded as http:// but when they are loaded, they're redirecting to the https:// URL on the google domain, which is broken.
Why is this redirect happening?
Edit: forgot to add -- what's even stranger is that if you view the image in a new tab, then change http to https (in effect, making the url the exact one that was originally requested),
it loads fine.
Edit #2 removed the link to my test site, as I've fixed the problem.
Turns out the google charts domain has changed. The new one is:
https://chart.googleapis.com
do not use
http://chart.apis.google.com
this is an updated question:
I am trying to include a picture on an external server.
PROBLEM HERE: my home website is using https:// and the picture on the external server is just http. The picture is fine (tested) but IE seems not to allow to access http:// sources when on a https:// website.
I am looking for html or javascript code to allow access for loading pictures from other domain WHEN my home domain is HTTPS and my external domain is HTTP
thanks
Klaus
I'm afraid this is a feature of the browser. When you enter a page like this on IE and some other browsers, it will give the user the option to disallow "unsecured" elements on the page (this includes elements served over HTTP); and will not display them. Your page cannot override the users' action.