Getting errors in Firefox developer after changing to https

Know very little about coding but enough to be dangerous.  

I have my website circlehubb.com going through cloudflare. They offer a shared SSL certificate.  I still was not getting the padlock, and when I checked why this was, I got this message:


A form with the action of "http://www.circlehubb.com/circles/search_data/" exists in the source code of the tested page.

---

This form needs to be updated to use "https://www.circlehubb.com/circles/search_data/" or another secure URL for your padlock to return.



I modified http to https in the config.php file and that took care of the problem, however now I get a whole bunch of warnings in Chrome and Firefox, see below: 


Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.circlehubb.com/css/font/Robo...bfont.woff. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). 

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.circlehubb.com/css/font/Robo...bfont.woff. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.circlehubb.com/css/font/Robo...ebfont.ttf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.circlehubb.com/css/font/Robo...ebfont.ttf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.circlehubb.com/css/font/Robo...bfont.woff. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.circlehubb.com/css/font/Robo...ebfont.ttf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Source map error: request failed with status 404 Resource URL: https://www.circlehubb.com/js/jquery-1.9.1.min.js Source Map URL: jquery.min.map[Learn More]


What do I need to modify to get rid of these error?


Thank you!

A web application makes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, and port) than its own origin. What is the exact circumstance that produces the above?

A web application makes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, and port) than its own origin. What is the exact circumstance that produces the above?

In the config.php file I changed the home url from http to https.  This is when I got all the errors that came up, except for the last one.

I was not clear. What I had in mind was where are these resources loaded? Normal page load? AJAX call? What is the code that produces the warnings?

You either need to modify your Apache config or .htaccess file that tells browser it's ok for this site to load certain resources from different origin / domain.

Here's a pretty good answer on how to set it up - https://stackoverflow.com/questions/1342...low-origin

I'd personally try to avoid the wildcard solution, but understandably it'll be quite annoying if you use loads of different resources or if 3rd party plug-ins go and change the resource endpoints, you'll site could break.

Add these to your .htaccess file were index.php is

Code:

    # Add Font Types
    AddType application/vnd.ms-fontobject .eot
    AddType font/truetype .ttf
    AddType font/opentype .otf
    AddType font/opentype .woff
    AddType font/opentype .woff2
    AddType image/svg+xml .svg .svgz

    <FilesMatch ".(eot|ttf|otf|woff|woff2|svg|svgz)">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>

That's how I got rid of the errors in Chrome.

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )

I was not clear. What I had in mind was where are these resources loaded? Normal page load? AJAX call? What is the code that produces the warnings?

Pages appear to load fine, however unable to log into any account (admin or user).

It appears that after the code was added the errors went away in Firefox but not Chrome.

I ma unable to login because Chrome is indicating that insecure content is being loaded. When I allow the content to load, I am able to log in but get NOT SECURE message in browser.

Is Chrome still throwing same errors?

Is Chrome still throwing same errors?

It is.  It is actually showing more errors now after I reloaded all the files to make sure I did not miss anything.  Surprisingly, the padlock is green in Chrome, which was not the case before but not it shows up not secure in Safari, which showed up secure before. 
  
More importantly, I cannot log in to admin or user panel in Chrome or Safari, which worked before. 

It takes me a while to figure things out.  I do not know much about coding but can slowly get through some stuff.

I am looking for someone that sees potential for the site that would be able to help me with the issues that I am encountering. 

Thank you for following up with me.

Is Chrome still throwing same errors?

It is.  It is actually showing more errors now after I reloaded all the files to make sure I did not miss anything.  Surprisingly, the padlock is green in Chrome, which was not the case before but not it shows up not secure in Safari, which showed up secure before. 
  
More importantly, I cannot log in to admin or user panel in Chrome or Safari, which worked before. 

It takes me a while to figure things out.  I do not know much about coding but can slowly get through some stuff.

I am looking for someone that sees potential for the site that would be able to help me with the issues that I am encountering. 

Thank you for following up with me.

1. Load Google Fonts over https not over http.
2. clndr.css, bucket-ico-fonts.css and 2shCore.js is not found (404 error)
3. $(...).dataTable is not a function <- dataTable is loaded to late or is not loaded

Check the Browerser Console for errors