#1
  1. In the midst of insanity
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    UK
    Posts
    182
    Rep Power
    14

    SSL issues with Javascript


    Hi

    I have just been converting some web pages into SSL pages i.e including absolute secure links to all images etc etc But the javascript is giving me problems. Basically I get the 'non-secure items' pop-up error from IE - even if you click 'no - don't display non-secure items', the page still shows everything how it should. I have searched for similar threads but nobody has actually been able to answer or give suggestions as to why this happens etc. Anyone out there who knows please let me know.

    Cheers

    p.s The scripts are being pulled from source files - but I have included these as absolute links i.e https://whateverdomain/menu.js
    Take it easy - but take it!
  2. #2
  3. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    17
    This will happen when the page contains links via javascript, css or whatever, to files that aren't on the SSL server. Remember you will have to change any references in the JavaScript files, etc. to the SSL server.

    Perhaps you could post a link to the page in question so we could take a look at it?
    Alex
    (http://www.alex-greg.com)
  4. #3
  5. In the midst of insanity
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    UK
    Posts
    182
    Rep Power
    14
    Thanks alexgreg, it looks as though there is a link to a non-secure image src. But not knowing javascript too well I'm not sure what I need to change +ifBlnk+ too as I'm not sure what the plus sign does in this instance - can you help or explain this to me please?


    if(ie55){ifBlnk="";if(location.protocol=="https:")ifBlnk="/blank.htm";mt="<IFRAME frameborder=0 id=if"+mnu+" src=\""+ifBlnk+"\" scroll=none style=\"FILTERrogidXImageTransform.Microsoft.Alpha(style=0,opacity=0);visibility:hidden;height:20;position:absolute;wid th:"+(menu[3]+ns6w)+"px;left:"+dmleft+"px;top:"+menu[1]+"px;z-index:5\"></iframe>"}


    Thanks.
  6. #4
  7. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    17

    Cool


    That's a very evil load of JS

    It looks as it ifBlnk is being set to /blank.htm (since the protocol is https). You should do this to check:

    Code:
    if(location.protocol=="https:")ifBlnk="/blank.htm"; alert("ifBlnk is set to: "+ifBlnk);
    The other option is to check your web server logs (if you have access to them) to see which files are being requested via normal HTTP and which ones are being requested via SSL.
    Last edited by alexgreg; June 18th, 2003 at 04:43 PM.
  8. #5
  9. In the midst of insanity
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    UK
    Posts
    182
    Rep Power
    14
    Thanks again. Yeah I can see now what the script does - the designer who put these scripts in 'acquired' it from somewhere although I'm sure it will be way above his level to sort out - so I'll check the logs and see what I can find. BTW - what happens if blank.htm doesn't exist in this instance, would it pull up an error or just ignore it?
  10. #6
  11. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    17
    what happens if blank.htm doesn't exist in this instance, would it pull up an error or just ignore it?
    That's a good point - I hadn't thought of that. It will send your default 404 document, but I don't know if it will send it over SSL. This could be what's causing the problem...but check the log files to be sure
  12. #7
  13. In the midst of insanity
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2001
    Location
    UK
    Posts
    182
    Rep Power
    14
    Thanks for all your help.

IMN logo majestic logo threadwatch logo seochat tools logo