• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
trying to get ssl to work

#1
I am trying to get ssl working on my site. I got this message from support:

Visiting https://substantiator.com/rndcontroller/sub_crud/ in Firefox and pressing F12 shows a bunch of mixed-content errors:
Blocked loading mixed active content “http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap-collapse.js
Blocked loading mixed active content “http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap.css
Blocked loading mixed active content “http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap-responsive.css
etc.

I guess these need to be https://

But I am not setting this my CI code is actually:

    $this->load->js('assets/themes/default/js/jquery-1.9.1.min.js');
    $this->load->js('assets/themes/default/hero_files/bootstrap-transition.js');
    $this->load->js('assets/themes/default/hero_files/bootstrap-collapse.js');
    $this->load->js('js/jquery.orgchart.js');     // for charts


Notice that I don't have either http or https. How can I fixed this?
proof that an old dog can learn new tricks
Reply

#2
Hi

Have you updated your $config['base_url'] with the new protocol ?

https instead of http
Reply

#3
servin, I didn't. Now I did but no change. The tech support person mentioned:

I'd suggest adding htaccess rule to force http:// -> https:// redirection too

Do you have any idea how to do that?
proof that an old dog can learn new tricks
Reply

#4
Is the 'js' method of 'load' hardcoded to add http?
Reply

#5
Don't know what you mean by that? Is there a config rule for that?
This is what is hard coded:
$this->load->js('assets/themes/default/js/jquery-1.9.1.min.js');
$this->load->js('assets/themes/default/hero_files/bootstrap-transition.js');
$this->load->js('assets/themes/default/hero_files/bootstrap-collapse.js');
proof that an old dog can learn new tricks
Reply

#6
solved. seems to be working now!
proof that an old dog can learn new tricks
Reply

#7
It has to do with ( CORS )

Cross-Origin Resource Sharing (CORS)
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#8
Thanks Insite. Can you tell me how to modify htaccess to force http:// -> https:// redirection ?

I can get in either way now, secure or not secure.

But do I still need to be concerned with these errors:

Visiting https://substantiator.com/rndcontroller/sub_crud/ in Firefox and pressing F12 shows a bunch of mixed-content errors:
Blocked loading mixed active content “http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap-collapse.js
Blocked loading mixed active content “http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap.css
Blocked loading mixed active content “http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap-responsive.css
etc.

Once I lock down the sub_crud directory to be https, will I no longer be able to use this, for example:
http://substantiator.com/rndcontroller/sub_crud/assets/themes/default/hero_files/bootstrap.css”  ??
proof that an old dog can learn new tricks
Reply

#9
(05-08-2018, 04:38 AM)InsiteFX Wrote: It has to do with ( CORS )

Cross-Origin Resource Sharing (CORS)

very wrong...

@richb201

if you use https://, you can not use http://. Change all url from http to https...
Reply

#10
As @Paradinight said you need to change all http:// to https://

This is a modified .htaccess file I use from FuelPHP it works great.

I had to use this when I went https:// because of Fontawesome problems.

Code:
<IfModule mod_rewrite.c>

    # Multiple Environment config, set this to development, testing or production
    # Set the CodeIgniter Environment.
    SetEnv CI_ENV development
    #SetEnv CI_ENV production

    RewriteEngine on

    # NOTICE: If you get a 404 play with combinations of the following commented out lines
    #AllowOverride All
    RewriteBase /

   # Make sure directory listing is disabled
    Options +FollowSymLinks -Indexes

    # Add Font Types
    AddType application/vnd.ms-fontobject .eot
    AddType font/truetype .ttf
    AddType font/opentype .otf
    AddType font/opentype .woff
    AddType font/opentype .woff2
    AddType image/svg+xml .svg .svgz

    <FilesMatch ".(eot|ttf|otf|woff|woff2|svg|svgz)">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>

    #RewriteCond $1 !^(index\.php|resources|vendor|assets|css|js|img|images|robots\.txt)

    # Restrict your site to only one domain
    # !important USE ONLY ONE OPTION

    # Option 1: To rewrite "www.domain.com -> domain.com" uncomment the following lines.
    #RewriteCond %{HTTPS} !=on
    #RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
    #RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

    # Option 2: To rewrite "domain.com -> www.domain.com" uncomment the following lines.
    #RewriteCond %{HTTPS} !=on
    #RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
    #RewriteCond %{HTTP_HOST} (.+)$ [NC]
    #RewriteRule ^(.*)$ http://www.%1/$1 [R=301,L]

    # Remove index.php from URL
    RewriteCond %{HTTP:X-Requested-With}    !^XMLHttpRequest$
#    RewriteCond %{THE_REQUEST}                ^[^/]*/index\.php [NC]
#    RewriteRule ^index\.php(.*)$            $1 [R=301,NS,L]

    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

   # make HTTP Basic Authentication work on php-fcgi installs
   <IfModule mod_fcgid.c>
       RewriteCond %{HTTP:Authorization} .
       RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
   </IfModule>

    # Send request via index.php if not a real file or directory
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d

    # deal with php-fcgi first
    <IfModule mod_fcgid.c>
       RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
    </IfModule>

    # no php-fcgi, check for sapi and fpm
    <IfModule !mod_fcgid.c>
        # for PHP5 sapi installations
        <IfModule mod_php5.c>
            RewriteRule ^(.*)$ index.php/$1 [L]
        </IfModule>

        <IfModule !mod_php5.c>
            # for PHP7 sapi installations
            <IfModule mod_php7.c>
                RewriteRule ^(.*)$ index.php/$1 [L]
            </IfModule>

            # for fpm installations
            <IfModule !mod_php7.c>
                RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
            </IfModule>
        </IfModule>

    </IfModule>

</IfModule>
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.