• 0

DMS 2 DMS 2 Forces Unsecure Social Media Elements on Page


Question

Posted · Report post

Hi there,

 

I have upgraded to DMS 2 today, everything went smoothly and apart from some minor amends everything worked apart from one thing.

 

I have an EV SSL Certficate installed on my site from GoDaddy.  Before the update the whole site had the green bar on all browsers.  After the update it's not showing on Opera, Chrome or Safari and IE is saying not displaying insecure elements.  FireFox seems Ok with it although the FireBug console does throw up errors.

 

If I switch the theme back to 2014 the errors disappear, so it is the theme causing the issue.  I have no social media set up on the site at all, I don't want it. 

 

I can't seem to find anywhere in DMS to switch the calls to FaceBook, LinkedIn, Twitter and Pinterest off.  They are casuing the Unsecure Element issues.

 

SSL is set up through our host's server via GoDaddy EV SSL.

WordPress admin General Settings is set to HTTPS for the site's WordPress Address and Site Address so the whole site is HTTPS.

I added this code to my .htaccess file to force SSL/HTTPS:

 

    #Force SSL on Entire Site
    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

 

Any ideas?

 

Cheers

 

Stuart

Share this post


Link to post
Share on other sites

8 answers to this question

  • 0

Posted · Report post

Ok, so in the absense of anything helpful I took a look at the site using IE's inspection tool which highlighted the issue as some code in the  dms/dms/js/pl.common.js file:

Line 533

            var that = this
            ,    url = "http://graph.facebook.com/?id="+ that.shareLocation +'&callback=?'
            ,    shareBtn = $('[data-social="facebook"]')

Line 486

            var that = this
            ,    url = 'http://urls.api.twitter.com/1/urls/count.json?url=+that.shareLocation+&callback=?'
            ,    shareBtn = $('[data-social="twitter"]')

Line 465

            var that = this
            ,    url = 'http://api.pinterest.com/v1/urls/count.json?url=+that.shareLocation+&callback=?'
            ,    shareBtn = $('[data-social="pinterest"]')

Line 507

            var that = this
            ,    url = 'http://www.linkedin.com/countserv/count/share?url=+that.shareLocation+&callback=?'
            ,    shareBtn = $('[data-social="linkedin"]')

 

I changed the 4 instances of 'http' to 'https' and the insecure elements disappeared.  As I stated, the errors disappeared when I changed the theme so it had to be a DMS issue.  The worrying thing here is that I have no Social elements on my pages, so why is DMS adding them?

 

Hopefully that will help someone the wasted time of hunting the issue down again.

 

Maybe the devs can make the update?  Adding js to a child theme is a ball ache.

 

Stuart

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

HI Stuart,

 

What are the errors in the Firefox console ? Do other browsers have any errors ?

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

One of each of these in FireFox for the 4 social sites:
 
    'Blocked loading mixed active content "http://graph.facebook.com/?id=https://lifeskills-education.co.uk/" '
 
One each of these for the Console in Chrome:
 
    'The page at 'https://lifeskills-education.co.uk/' was loaded over HTTPS, but ran insecure content from 'http://www.linkedin.com/countserv/count/share?url=https://lifeskills-educat…co.uk/&callback=jQuery1102022143942676484585_1396013658191&_=1396013658192': this content should also be loaded over HTTPS. '

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Mmm... not sure what is causing that error but have dropped it on my hosts to look at.

 

I however am definitely seeing non-ssl content using FireBug's consol as copied and pasted above.  These disappear when I activate the 2014 theme and only started when I updated DMS to version 2.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Can you provide screenshots please.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Here is what I am seeing.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Fixed in next release.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now