AbanteCart Community

eCommerce construction => Installation and Configuration => Topic started by: srhodes on January 25, 2021, 11:10:06 PM

Title: javascript and css not referencing https
Post by: srhodes on January 25, 2021, 11:10:06 PM
Can someone tell me what setting to update to force all connections to point to HTTPS? The AJAX/JS and CSS files are not set to "//" which would cause the browser to auto detect HTTP vs HTTPS paths.

Here are just a few lines from the browser console demonstrating the errors:
Blocked loading mixed active content “http://cart.rh<snip>ns.com/admin/view/default/stylesheet/stylesheet.css”
index.php
Blocked loading mixed active content “http://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js”
index.php
Loading failed for the <script> with source “http://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js”.
Title: Re: javascript and css not referencing https
Post by: Basara on January 26, 2021, 12:22:08 AM
Hello.
You should set up a redirect on your server. If you have an Apache server try this simple .htaccess rule
http://forum.abantecart.com/index.php/topic,7187.msg29855.html#msg29855
Title: Re: javascript and css not referencing https
Post by: srhodes on January 26, 2021, 12:27:17 PM
I configured both the .htaccess and Nginx configurations to redirect traffic and still have the same result. My reverse-proxy is automatically redirecting HTTP to HTTPS but this application is not following suit.
Title: Re: javascript and css not referencing https
Post by: AnnyJones01 on July 10, 2023, 07:21:36 AM
If you're experiencing issues with JavaScript and CSS files not referencing HTTPS, it's likely due to the protocol-relative URLs (also known as protocol-relative URLs) used in your code.

Protocol-relative URLs start with "//" instead of specifying "http://" or "https://" explicitly. When used on a web page, they inherit the protocol (HTTP or HTTPS) of the page making the request.

To ensure that your JavaScript and CSS files are referenced with HTTPS, you can modify the URLs in your code by explicitly specifying "https://" at the beginning. Here's an example:

html
Copy code
By providing the full HTTPS URL, you ensure that the files are loaded using the secure protocol.

It's important to note that if you're hosting your JavaScript or CSS files on a different server that doesn't support HTTPS, you may encounter issues. In such cases, you might need to consider alternative hosting options or address any security concerns with the hosting provider.

Remember to update all references to the JavaScript and CSS files throughout your code to use the secure HTTPS URLs to ensure consistent and secure delivery of your assets.
Title: Re: javascript and css not referencing https
Post by: choughprove on August 09, 2023, 04:40:19 AM
It's possible that you'll run into trouble if you host your JavaScript or CSS files on a server that doesn't support HTTPS. If this happens, you may need to look into different hosting choices or raise security concerns with your current host.
Title: Re: javascript and css not referencing https
Post by: elijahnelson on October 11, 2023, 05:45:47 AM
It's possible that you'll run into trouble if you host your JavaScript or CSS files on a server that doesn't support HTTPS. If this happens, you may need to look into different hosting choices or raise security concerns with your current host.
You're absolutely right. Security is a crucial aspect of web development, and using HTTPS for hosting JavaScript and CSS files is highly recommended.
Title: Re: javascript and css not referencing https
Post by: lily coliins on November 04, 2023, 04:54:16 AM
To force all connections to point to HTTPS and avoid mixed content issues, you need to ensure that all the resources (like AJAX/JS files, CSS files, and external libraries) are loaded via HTTPS.