Hello guest, if you read this it means you are not registered. Click here to register in a few simple steps, you will enjoy all features of our Forum.
Bottom Page

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Where has your https gone?
#41
It must be because i clicked to load unsafe scripts at this point
Doh

But then i have to ask what is this trying to load that makes it unsecure.


Attached Files Thumbnail(s)
   
*Describe the environment in which it occurs.                                    *Describe the symptoms of your problem clearly.
*Describe the research you did to try and understand the problem.      *Describe the goal, not the step. 
*Use meaningful, specific subject headers                                          *Write in clear, grammatical, correctly-spelled language
*Describe the problem's symptoms, not your guesses                         *Describe your problem's symptoms in chronological order
*Describe the diagnostic steps you took to try and pin down the problem yourself.
*Describe any possibly relevant recent changes in your computer or software configuration. 
*Provide a way to reproduce the problem in a controlled environment.
Quote
#42
I think it's because of the chat section on the bottom of the page. FF says that some content is not secure and display padlock with ! next to the address bar. If you hide the chat section and reload then it's OK. I see this only on the first page where the chat section is
Quote
#43
(Jan-10-2017, 08:50 PM)buran Wrote: I think it's because of the chat section on the bottom of the page. FF says that some content is not secure and display padlock with ! next to the address bar. If you hide the chat section and reload then it's OK. I see this only on the first page where the chat section is
I think you are right. I globally set the chatbox to close, as it saves bandwidth anyways.
*Describe the environment in which it occurs.                                    *Describe the symptoms of your problem clearly.
*Describe the research you did to try and understand the problem.      *Describe the goal, not the step. 
*Use meaningful, specific subject headers                                          *Write in clear, grammatical, correctly-spelled language
*Describe the problem's symptoms, not your guesses                         *Describe your problem's symptoms in chronological order
*Describe the diagnostic steps you took to try and pin down the problem yourself.
*Describe any possibly relevant recent changes in your computer or software configuration. 
*Provide a way to reproduce the problem in a controlled environment.
Quote
#44
it wasnt the chatbox, it was unsecure fonts being loaded via http instead of https form a plugin

I installed a new plugin (DVZ secure content) which restricts non secure content (non-https) for avatars, fonts, mycode images, remote avatars, mycode video, etc. 

The errors were from a font used from a plugin
Quote:Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Ubuntu:400,700'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
(index):43 Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Ubuntu:400,700'. This request has been blocked; the content must be served over HTTPS.
(index):43 Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.

so i just manually switched it
$ sudo grep -ril http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
[sudo] password for metulburr: 
cache/themes/theme1/guestwarn.min.css
cache/themes/theme1/guestwarn.css
inc/plugins/guestwarn.php
$ sudo vim cache/themes/theme1/guestwarn.min.css
$ sudo vim cache/themes/theme1/guestwarn.css
$ sudo vim inc/plugins/guestwarn.php

$ sudo grep -ril http://fonts.googleapis.com/css?family=Ubuntu:400,700
$ sudo grep -ril http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
$ sudo grep -ril http://fonts.googleapis.com/css?family=Ubuntu:400,700
$
After this my browsers now says the console is clean and no errors, no unsecure content, and fully secure, whereas before it just gave a warning saying it blocked the non secure content. 

But that might be a concern in the future if we install another plugin or theme, or something else that hard coded http into their code.
*Describe the environment in which it occurs.                                    *Describe the symptoms of your problem clearly.
*Describe the research you did to try and understand the problem.      *Describe the goal, not the step. 
*Use meaningful, specific subject headers                                          *Write in clear, grammatical, correctly-spelled language
*Describe the problem's symptoms, not your guesses                         *Describe your problem's symptoms in chronological order
*Describe the diagnostic steps you took to try and pin down the problem yourself.
*Describe any possibly relevant recent changes in your computer or software configuration. 
*Provide a way to reproduce the problem in a controlled environment.
Quote
#45
https://www.python-forum.net/ does not seem to work?
micseydel likes this post
Quote
#46
(Jan-20-2017, 08:10 PM)Kebap Wrote: https://www.python-forum.net/ does not seem to work?
Ummm....im not sure how to do that. I did switch .net to redirect to .io's https version instead, but though themselves are not https. That may take a bit to update.

.net domain is just redirected to .io domain.

Hasnt .io been the main one?

EDIT:
but there is no server side change as straight from the domain it is redirected to .io (at least not the method i did)
*Describe the environment in which it occurs.                                    *Describe the symptoms of your problem clearly.
*Describe the research you did to try and understand the problem.      *Describe the goal, not the step. 
*Use meaningful, specific subject headers                                          *Write in clear, grammatical, correctly-spelled language
*Describe the problem's symptoms, not your guesses                         *Describe your problem's symptoms in chronological order
*Describe the diagnostic steps you took to try and pin down the problem yourself.
*Describe any possibly relevant recent changes in your computer or software configuration. 
*Provide a way to reproduce the problem in a controlled environment.
Quote

Top Page

Possibly Related Threads...
Thread Author Replies Views Last Post
  chat iframe no longer working after https metulburr 1 127 Jan-28-2017, 02:25 PM
Last Post: metulburr
Brick https Kebap 14 735 Oct-12-2016, 02:59 PM
Last Post: metulburr

Forum Jump:


Users browsing this thread: 1 Guest(s)