[solved]JavaScript not over HTTPS - insecure content
jschiller
Joined: 2013-10-19
Posts: 5 |
Posted: Wed, 2014-04-09 07:38 | |||
Running Gallery2 over HTTPS, but the JavaScript is being flagged as insecure content and blocked by Chrome. This means JavaScript based functionality is missing, for example you cannot install/uninstall/delete/configure plugins, nor will the Album Select Block work in the side bar. I can of course click the "load unsafe script" and everything functions... but is there a way to force the script to use HTTPS if the site is accessed over https? I searched and only found stuff about redirection of HTTP->HTTPS to make the login safe, and about securing the images. Apologies if this is covered in another thread. To reproduce this problem I access my gallery2 site over HTTPS on chrome/OSX. Screen shot attached showing the security warning (the Shield which when clicked reads "This page includes script from unauthenticated sources. [Load unsafe script]"). I have also included the developer tools window (View > Developer > Developer Tools) which states: X [blocked] The page at 'https://www.schiller.net/gallery2/main.php' was loaded over HTTPS, but ran insecure content from 'http://www.schiller.net/gallery2/main.php?g2_view=core.CombinedJavascript&g2_key=b9e45ea3d4899d464fddda2b6b2d3ce7': this content should also be loaded over HTTPS. main.php:1 Can be reproduced without logging in. System details: Browser (e.g. Firefox 2.0): Chrome Version 33.0.1750.152 Thanks, __Jason
|
||||
Posts: 5
looking at the forcing SSL thread http://galleryproject.org/node/30558 I found a bit about unsetting baseURI.
in config.php
$gallery->setConfig('baseUri', '');
that solved my issue.