support

javascript and css not referencing https

Started by srhodes, January 25, 2021, 11:10:06 PM

Previous topic - Next topic

srhodes

Can someone tell me what setting to update to force all connections to point to HTTPS? The AJAX/JS and CSS files are not set to "//" which would cause the browser to auto detect HTTP vs HTTPS paths.

Here are just a few lines from the browser console demonstrating the errors:
Blocked loading mixed active content "http://cart.rh<snip>ns.com/admin/view/default/stylesheet/stylesheet.css"
index.php
Blocked loading mixed active content "http://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"
index.php
Loading failed for the <script> with source "http://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js".

Basara

Hello.
You should set up a redirect on your server. If you have an Apache server try this simple .htaccess rule
http://forum.abantecart.com/index.php/topic,7187.msg29855.html#msg29855

srhodes

I configured both the .htaccess and Nginx configurations to redirect traffic and still have the same result. My reverse-proxy is automatically redirecting HTTP to HTTPS but this application is not following suit.

AnnyJones01

If you're experiencing issues with JavaScript and CSS files not referencing HTTPS, it's likely due to the protocol-relative URLs (also known as protocol-relative URLs) used in your code.

Protocol-relative URLs start with "//" instead of specifying "http://" or "https://" explicitly. When used on a web page, they inherit the protocol (HTTP or HTTPS) of the page making the request.

To ensure that your JavaScript and CSS files are referenced with HTTPS, you can modify the URLs in your code by explicitly specifying "https://" at the beginning. Here's an example:

html
Copy code
By providing the full HTTPS URL, you ensure that the files are loaded using the secure protocol.

It's important to note that if you're hosting your JavaScript or CSS files on a different server that doesn't support HTTPS, you may encounter issues. In such cases, you might need to consider alternative hosting options or address any security concerns with the hosting provider.

Remember to update all references to the JavaScript and CSS files throughout your code to use the secure HTTPS URLs to ensure consistent and secure delivery of your assets.

choughprove

It's possible that you'll run into trouble if you host your JavaScript or CSS files on a server that doesn't support HTTPS. If this happens, you may need to look into different hosting choices or raise security concerns with your current host.
Stripe Payment Extension

elijahnelson

Quote from: choughprove on August 09, 2023, 04:40:19 AM
It's possible that you'll run into trouble if you host your JavaScript or CSS files on a server that doesn't support HTTPS. If this happens, you may need to look into different hosting choices or raise security concerns with your current host.
You're absolutely right. Security is a crucial aspect of web development, and using HTTPS for hosting JavaScript and CSS files is highly recommended.

lily coliins

To force all connections to point to HTTPS and avoid mixed content issues, you need to ensure that all the resources (like AJAX/JS files, CSS files, and external libraries) are loaded via HTTPS.

Forum Rules Code of conduct
AbanteCart.com 2010 -