Login

06-17-2014, 04:05 AM

[eluser]Lykos22[/eluser]
Hi folks!

You may have noticed that CodeIgniter does not have on HTML Helpers a function that generates <sckript> tags, something quite similar as link_tag() does with <link /> tags which used for css, so I decided to create my own function.

Follow the steps for extending helpers and create a file inside ./application/helpers and save it as MY_html_helper.php (so it will be ./application/helpers/MY_html_helper.php).

07-20-2014, 03:12 AM

[eluser]Lykos22[/eluser]
Here is the link for Github too.

07-23-2014, 11:37 AM

[eluser]jonez[/eluser]
Neat. One suggestion is when you link to local files start the link with '//' not 'http://', that way the includes will work under both protocols (http and https).

07-23-2014, 11:11 PM

[eluser]Lykos22[/eluser]
[quote author="jonez" date="1406140650"]Neat. One suggestion is when you link to local files start the link with '//' not 'http://', that way the includes will work under both protocols (http and https).[/quote]
Not sure if i understood your comment, but the regular expression in preg_match() function

Code:
if (!preg_match('@^https?:\/\/@', $src_value))

checks for http(s) - the s is optional - so it will match both http:// and https://

08-11-2014, 06:06 AM

[eluser]jonez[/eluser]
If a user includes a remote file using http and the site is under https, or vice versa, you'll get an error about mixing content types. If you construct includes like this it will work under both protocols:

Code:
<scr1pt type="text/javascript" src="//code.jquery.com/jquery-1.11.0.min.js"></scr1pt>

The issue with your check is passing without http/https and using just // will break them by passing through base_url. Ideally it should check for http(s) and replace with // and only use base_url if the link starts with neither http(s) or //.

08-11-2014, 10:32 AM

[eluser]CroNiX[/eluser]
@jonez, what will happen then if the current site is using ssl and the remote site doesn't use ssl?

08-17-2014, 03:36 PM

[eluser]jonez[/eluser]
If you're serving pages under https you shouldn't be mixing secure/non-secure includes.

08-17-2014, 04:11 PM

[eluser]CroNiX[/eluser]
Of course, I was just pointing out a situation where your fix wouldn't work so we shouldn't assume that using // will work in all circumstances unless we know that all remote assets called have a https page. Receiving a message about secure/insecure content would probably be better than a 404 error on loading the asset, which could break the page.

08-18-2014, 05:17 AM

[eluser]jonez[/eluser]
Depends on how you look at it, you probably shouldn't trust a secure page with mixed assets either. Either way the developer controls includes and should be aware of this. If you have two sides to your app/site, say front end unsecured and CMS secured, using // will make your includes easier to manage.