Author Topic: https sitewide – admin panel has mixed usage warnings  (Read 12276 times)

Offline llegrand

  • Hero Member
  • *****
  • Posts: 1798
  • Karma: +520/-7
    • View Profile
https sitewide – admin panel has mixed usage warnings
« on: April 24, 2015, 05:44:50 PM »
With Google’s push to have sites all under https:// we moved to this model with the updates to version 1.2.1 for all of our sites.   The fix you provided for the storefront and the home directory solved that issue. That fix is here:   
https://github.com/abantecart/abantecartsrc/commit/bbb2be7693681e064036f31aa7b39afd71560577
 We do have to remove the Donate button from all pages in order for the SSL to not have warnings, but since most folks probably remove that from their site, not much of an issue.

 HOWEVER, the admin panel is a bit problematic - we are finding lots of calls to http://  that we are having go and edit the code.   We could provide you with a list of where we’ve altered – it even includes the ico file.   ;)
But what I would really like to reqest, is that as you move to the next versions 1.2.2 and forward can you please make the default codes work with https:// pages across the entire site.   That would assist everyone as they begin to follow the big G"s wishes.
Thanks for considering.
Lee

 
 
 

Offline Gordon Taylor

  • Global Moderator
  • Full Member
  • *****
  • Posts: 150
  • Karma: +28/-1
    • View Profile
    • Natural Handcrafted Soaps
Re: https sitewide – admin panel has mixed usage warnings
« Reply #1 on: April 24, 2015, 08:50:23 PM »
Great post Lee, and as you say, since Google is giving more weight (or whatever) to sites behind the https then we need to get this fixed ASAP. This will be especially important for newbies that don't modify the footer or don't turn off the donate button. You can't get a padlock in FF with that code active, the PayPal image is being called from an non-secure server, as an example.

I've used sites like https://www.whynopadlock.com/ to suss out some of the issues and just plain found them on my own. Another issue I noticed  with this subject is that sometimes the archived images that one adds during product building are not behind the secure side. Even thought the https address website address is in the correct place withing Admin>settings. In fact it seems to be random.



Offline eCommerce Core

  • Administrator
  • Hero Member
  • *****
  • Posts: 1602
  • Karma: +93/-1
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #2 on: April 27, 2015, 12:49:17 PM »
We are checking this. Will update soon...

“If you’re in the luckiest one per cent of humanity, you owe it to the rest of humanity to think about the other 99 per cent.”
― Warren Buffett

Offline eCommerce Core

  • Administrator
  • Hero Member
  • *****
  • Posts: 1602
  • Karma: +93/-1
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #3 on: April 27, 2015, 01:23:56 PM »
I have updated Donation button for 1.2.2.

Regarding Admin panel, we will work on making it 100% HTTPs. This will take some time. 
“If you’re in the luckiest one per cent of humanity, you owe it to the rest of humanity to think about the other 99 per cent.”
― Warren Buffett

Offline llegrand

  • Hero Member
  • *****
  • Posts: 1798
  • Karma: +520/-7
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #4 on: April 27, 2015, 01:48:51 PM »
Excellent,  thank you, I appreciate the forward thinking on Abantecart - always trying to make it better and it is already really great!

Cheers
Lee



Offline Gordon Taylor

  • Global Moderator
  • Full Member
  • *****
  • Posts: 150
  • Karma: +28/-1
    • View Profile
    • Natural Handcrafted Soaps
Re: https sitewide – admin panel has mixed usage warnings
« Reply #5 on: April 27, 2015, 02:49:41 PM »
Hey thanks eCC .... really appreciate your hard work.

Gordon

Offline abantecart

  • Administrator
  • Hero Member
  • *****
  • Posts: 4358
  • Karma: +298/-10
    • View Profile
    • Ideal Open Source Ecommerce Solution
Re: https sitewide – admin panel has mixed usage warnings
« Reply #6 on: April 27, 2015, 05:48:00 PM »
This is a commit with modifications with admin fixes for HTTPs
https://github.com/abantecart/abantecart-src/commit/cae9c30a064ccf135078318d50559e2ecd34d41a
Please  rate your experience or leave your review
We need your help to build better free open source ecommerce platform for everyone. See how you can help

Offline Gordon Taylor

  • Global Moderator
  • Full Member
  • *****
  • Posts: 150
  • Karma: +28/-1
    • View Profile
    • Natural Handcrafted Soaps
Re: https sitewide – admin panel has mixed usage warnings
« Reply #7 on: April 27, 2015, 09:39:51 PM »
Thank you Pavel, everyone will love it!

Offline webdevmerc

  • Full Member
  • ***
  • Posts: 172
  • Karma: +32/-1
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #8 on: September 01, 2015, 01:23:36 PM »
Hi, could someone test this fix in their environment and see if it introduced a new bug?

I replaced all 9 of my Abantecart 1.2.3 files with these 9 and noticed that on a product page, the 1st image would load up ok, but if I click on any other images, it would open up in a very narrow window.  If I try to reopen the 1st image, it has the same problem.

My site does have a RewriteCond forcing all https traffic so I don't know if that's the cause...


I then replaced these new files with the original Abantecart 1.2.3 (Jul 21st) files and the images are working correctly again.


Offline llegrand

  • Hero Member
  • *****
  • Posts: 1798
  • Karma: +520/-7
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #9 on: September 01, 2015, 03:57:13 PM »
Hi, Web Dev,  I believe those fixes on the github cited were for 1.2.2  and the improvement to https handling did come out when 1.2.2 was released.  And to the best of my testing 1.2.3 has the improved https handling already in it.  Therefore doubt if replacing the files is a good thing.

I use rewrite conditions to redirect to the https/ on my sites without issues since the 1.2.2.

What's happening on your site that is causing you issues? 

Lee





Offline webdevmerc

  • Full Member
  • ***
  • Posts: 172
  • Karma: +32/-1
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #10 on: September 01, 2015, 04:03:39 PM »
Oh, ok...My problem is when testing with Cloudflare, it has mixed secure content warnings which maybe a Cloudflare/cdn thing, but I tried these (apparently) old files which causes other issues.

I also force HTTPS in my .htaccess, but web testing sites seem to complain that an endless redirect loop is there when Cloudflare is enabled...

Offline Basara

  • Administrator
  • Hero Member
  • *****
  • Posts: 5772
  • Karma: +274/-2
    • View Profile
Re: https sitewide – admin panel has mixed usage warnings
« Reply #11 on: September 03, 2015, 09:01:45 AM »
When you apply any changes in code or redirects make sure to purge Cloudflare cdn cache.
Also Cloudflare has different cache levels try to play with different settings

 

Powered by SMFPacks Social Login Mod