Jump to content
infogroupsmb

PL adding https to stylesheet links

Recommended Posts

infogroupsmb    1
infogroupsmb

post-35879-0-86195700-1366917855_thumb.pWP v3.5.1

PL v2.4

Only part of the domain is on WP, ex: http://www.infousa.com/mailing-list/

 

So this behavior has happened twice now, with no apparent cause.  A week ago when saving Site Options PL added https to several of the stylesheet links.  I could tell it was PL because the ones that I en-queued weren't https, just the PL ones.  This caused the pages to fail to render properly.  

 

Just today my boss deleted a couple user accounts, which may have caused PL to save settings again, and all of a sudden we had https back for the PL stylesheets and the site wouldn't render.

 

In both cases the solution was to go back into the PageLines > Site Options and just save.  then the stylesheets were restored to regular http.

 

No one was logged in under https as the admin interface won't even load if I try https.  

 

I'm attaching a screen shot of the stylesheet links as they are now, and I highlighted a few of the stylesheets that were turned into https links.  

 

Though we have a fix once it breaks it isn't acceptable for us to move our whole www domain to WP/PL if it randomly switches to https so we need to figure out the cause and a preventative fix.

Share this post


Link to post
Share on other sites
Simon    247
Simon

There is no setting that would make those urls ssl.

 

1. the page is ssl, so the css urls are made ssl too, this is done by wordpress.

2. you have added a filter to force a page ssl.

3. you are using a plugin to force a page as ssl.

 

You are using the framework in a different folder and are also using an older version.

 

I have no idea what the Header and Footer sections are.

 

The sections caches and css are stored in the database to save process time. So what *might* be happening is the cache times out, someone views a https url, stuff is cached so the non https urls share the same data.

 

Using mixed ssl/non-ssl pages are always going to be a hack. Thats why if your going to use one, just add the actions/filters described many times in the forums here to force all the css urls to be ssl. Then the pages will always be secure and work.

Share this post


Link to post
Share on other sites
infogroupsmb    1
infogroupsmb

To go through the list you had:

 

1. the page isn't SSL.

2. There are no filters to force a page to SSL.

2. There are no plugins installed to force a page to SSL.

 

We are using a child theme of the pagelines theme, our childtheme folder is DotComWordpress

 

The header/footer sections are sections we created, and earlier developer than myself.  They are customized to the particular look and feel that we needed.  The header/footer sections are fed to our .net application side whenever the PageLines > Page Options are saves or any WP Menu is saved.  Part of the .net application is SSL and in order for it to properly display the content being fed to it by WP the links within the header/footer sections are done in https.  

 

However, the stylesheet links in the actual head tag aren't sent to the .net app, and aren't supposed to be https.  The only ones that ever switch are the PL stylesheets and it only seems to happen when a PL setting is saves.  I definitely know that to undo it we simple go in to PL and save the Page Options.  That is why PL is the suspected cause.

 

In playing around I was able to reproduce the exact opposite effect.  If you go to https://test-cms.infousa.com/mailing-list/  you'll see that the scripts and child stylesheet switch to https, but the PL sections stylesheets do not.  That causes the page to fail to render properly as those stylesheets aren't accessible.  

 

The same thing randomly happens in our production environment in reverse.  The scripts and child stylesheet load in http, but the section stylesheets load in https and due to our domain being split over 2 different sets of servers (WP and .net app) the F5 machine doesn't have the SSL certs for the WP server and can't authenticate them and pass them on so the https requrests get blocked.

 

I don't quite follow the statement "The sections caches and css are stored in the database to save process time. So what *might* be happening is the cache times out, someone views a https url, stuff is cached so the non https urls share the same data."  Can you elaborate how this could happen?

Share this post


Link to post
Share on other sites
James B    436
James B

Hi there,

 

I'm not a developer but following what Simon's mentioned above you'll need to use the following filter to force the css and sections to be ssl.

add_action( 'pl_force_ssl', '__return_true' );Use the above to force the css to be ssl "

The full thread relating to the above code can be found here - http://www.pagelines.com/forum/topic/24601-compiled-css-not-converting-to-https/?hl=force+ssl#entry143423


Kindly search the forum and read the documentation before posting. It will help you resolve many issues.

For CSS help be sure to check out W3Schools first and be sure to download FireBug for FireFox for troubleshooting.

James B

Share this post


Link to post
Share on other sites
infogroupsmb    1
infogroupsmb

Well the problem is that the links are being forced to SSL...and we don't want them to be.  And it appears to randomly occur when PL settings are saves, sometimes their SSL, sometimes not.  Is there a pl_force_not_ssl or can pl_force_ssl be set to __return_false to guarantee the css isn't ever put into ssl?

Share this post


Link to post
Share on other sites
James B    436
James B

The page css should be non ssl as standard, so its something between having half the site using ssl and half not that seems to be causing the problem.

 

There's no hook for pl_force_not_ssl that I'm aware of, I'd imagine setting the ssl to return false would be the same as what the normal framework does anyway.

 

I will check with the developer what the options would be to set the css/sections to never cache and re-generate on each page, to see if this would be a possible solution.


Kindly search the forum and read the documentation before posting. It will help you resolve many issues.

For CSS help be sure to check out W3Schools first and be sure to download FireBug for FireFox for troubleshooting.

James B

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Similar Content

    • MissT
      By MissT+
      Hi there,
      I've got an issue with 3 websites built with DMS since I migrated them from http to https that I need help with please.
      When any changes are made - e.g. new posts added or existing posts amended - certain sections of the live site seem to break e.g. image headers hang and don't load (b/g on canvas section), sliders hang and don't load (Revslider), flipper section doesn't load.
      Logging in and then clicking 'Edit the site using DMS' seems to fix the problem. Often if I try to open up another browser window to edit the site / re publish I'm unable to as the page wont load / hangs while trying to load.
      Any ideas how to fix this? On a couple of the sites I've installed a caching plugin as I thought it might be a loading speed issue but it's still happening.
      Website URL's can be provided privately.
      Many thanks in advance.
    • indesco
      By indesco
      Hi,  I have just switched the site shockwatch.co.nz over to SSL.  I have one remaining mixed content error to solve, but cannot find this link anywhere when I look at the page source so struggling to figure out how to resolve it.  Can you assist at all?
      Mixed Content: The page at 'https://shockwatch.co.nz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Droid+Sans:regular,bold&v1'. This request has been blocked; the content must be served over HTTPS.
      (index):1 Mixed Content: The page at 'https://shockwatch.co.nz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Droid+Sans:regular,bold&v1'. This request has been blocked; the content must be served over HTTPS.
    • jsruby22
      By jsruby22
      I am trying to secure my website and it appears there are many files in the pagelines theme that are hard coded insecure. Can you make these urls secure from http to https? In the meantime how do I do it manually?
    • Objectif-Mariage
      By Objectif-Mariage+
      Hi , 
      I have passed my site from http to https, and I just discover that I have some mixed content regarding icons of the PL section boxes...
      Would you know how to fixe that ? (if it's possible ?)
      this is my web site adress : https://www.wedding-photography-minneapolis.com/

    • SaschaM
      By SaschaM+
      hi
      i wanted to point out at this time, that i am very very very happy with platform 5. (before i used DMS and others) as some ppl talking here some things are not working, i can say the opposite working on my Web:
      1. UberMenu
      is running fine, without shortcodes or "tricks" necessary - it runs out of the box with no problems in a few clicks configured. also further ubermenu plugins 100%
      2. Shift Nav
      As a further extension of UberMenu - also runs fine out of the box with a few clicks. also combine with ubermenu no problem (Ubermenu for normal nav, shift nav for mobile)
      3. https / SSL

      I user commodo instant ssl and everything runs fine (10 minutes installation) - no mixed content errors nothing everything very smooth :-). Google SERPS have been updated to https URLS wihtin 1 day(!)
      4. MaxCDN
      I use MaxCDN for sitespeed as i implemented also video backgrounds. it runs perfect with wp supercache
      5. Nginx
      I also run nginx on my webspace, also with that there a no problems with platform 5. I also use nginx streaming for video files, works perfect.
      For all points there a no functions codes necessary or implement shortcodes - it runs out of the box and makes it easy for everybody, whos a little firm in technical matters. Some guys here in the forum make it really complicated :-)
      I am working with pagelines around 5 years now, and platform 5 / framework 5 is the best tool ever
      BUT i am missing to configure site headlines h1-hx as in DMS possible easy way. It was a great way to make seo sitestructure. now there are lots of empty headlines or headlines or jumped over. in seo this causes errors in sites structure. this should be reworked.
      if you have any questions on pl5 with 1.-5. just ask me here....
      regs, 
      Sascha Mühlen
       
       
       
×