Jump to content
infogroupsmb

PL adding https to stylesheet links

Recommended Posts

infogroupsmb

post-35879-0-86195700-1366917855_thumb.pWP v3.5.1

PL v2.4

Only part of the domain is on WP, ex: http://www.infousa.com/mailing-list/

 

So this behavior has happened twice now, with no apparent cause.  A week ago when saving Site Options PL added https to several of the stylesheet links.  I could tell it was PL because the ones that I en-queued weren't https, just the PL ones.  This caused the pages to fail to render properly.  

 

Just today my boss deleted a couple user accounts, which may have caused PL to save settings again, and all of a sudden we had https back for the PL stylesheets and the site wouldn't render.

 

In both cases the solution was to go back into the PageLines > Site Options and just save.  then the stylesheets were restored to regular http.

 

No one was logged in under https as the admin interface won't even load if I try https.  

 

I'm attaching a screen shot of the stylesheet links as they are now, and I highlighted a few of the stylesheets that were turned into https links.  

 

Though we have a fix once it breaks it isn't acceptable for us to move our whole www domain to WP/PL if it randomly switches to https so we need to figure out the cause and a preventative fix.

Share this post


Link to post
Share on other sites
Simon

There is no setting that would make those urls ssl.

 

1. the page is ssl, so the css urls are made ssl too, this is done by wordpress.

2. you have added a filter to force a page ssl.

3. you are using a plugin to force a page as ssl.

 

You are using the framework in a different folder and are also using an older version.

 

I have no idea what the Header and Footer sections are.

 

The sections caches and css are stored in the database to save process time. So what *might* be happening is the cache times out, someone views a https url, stuff is cached so the non https urls share the same data.

 

Using mixed ssl/non-ssl pages are always going to be a hack. Thats why if your going to use one, just add the actions/filters described many times in the forums here to force all the css urls to be ssl. Then the pages will always be secure and work.

Share this post


Link to post
Share on other sites
infogroupsmb

To go through the list you had:

 

1. the page isn't SSL.

2. There are no filters to force a page to SSL.

2. There are no plugins installed to force a page to SSL.

 

We are using a child theme of the pagelines theme, our childtheme folder is DotComWordpress

 

The header/footer sections are sections we created, and earlier developer than myself.  They are customized to the particular look and feel that we needed.  The header/footer sections are fed to our .net application side whenever the PageLines > Page Options are saves or any WP Menu is saved.  Part of the .net application is SSL and in order for it to properly display the content being fed to it by WP the links within the header/footer sections are done in https.  

 

However, the stylesheet links in the actual head tag aren't sent to the .net app, and aren't supposed to be https.  The only ones that ever switch are the PL stylesheets and it only seems to happen when a PL setting is saves.  I definitely know that to undo it we simple go in to PL and save the Page Options.  That is why PL is the suspected cause.

 

In playing around I was able to reproduce the exact opposite effect.  If you go to https://test-cms.infousa.com/mailing-list/  you'll see that the scripts and child stylesheet switch to https, but the PL sections stylesheets do not.  That causes the page to fail to render properly as those stylesheets aren't accessible.  

 

The same thing randomly happens in our production environment in reverse.  The scripts and child stylesheet load in http, but the section stylesheets load in https and due to our domain being split over 2 different sets of servers (WP and .net app) the F5 machine doesn't have the SSL certs for the WP server and can't authenticate them and pass them on so the https requrests get blocked.

 

I don't quite follow the statement "The sections caches and css are stored in the database to save process time. So what *might* be happening is the cache times out, someone views a https url, stuff is cached so the non https urls share the same data."  Can you elaborate how this could happen?

Share this post


Link to post
Share on other sites
James B

Hi there,

 

I'm not a developer but following what Simon's mentioned above you'll need to use the following filter to force the css and sections to be ssl.

add_action( 'pl_force_ssl', '__return_true' );Use the above to force the css to be ssl "

The full thread relating to the above code can be found here - http://www.pagelines.com/forum/topic/24601-compiled-css-not-converting-to-https/?hl=force+ssl#entry143423


Kindly search the forum and read the documentation before posting. It will help you resolve many issues.

For CSS help be sure to check out W3Schools first and be sure to download FireBug for FireFox for troubleshooting.

James B

Share this post


Link to post
Share on other sites
infogroupsmb

Well the problem is that the links are being forced to SSL...and we don't want them to be.  And it appears to randomly occur when PL settings are saves, sometimes their SSL, sometimes not.  Is there a pl_force_not_ssl or can pl_force_ssl be set to __return_false to guarantee the css isn't ever put into ssl?

Share this post


Link to post
Share on other sites
James B

The page css should be non ssl as standard, so its something between having half the site using ssl and half not that seems to be causing the problem.

 

There's no hook for pl_force_not_ssl that I'm aware of, I'd imagine setting the ssl to return false would be the same as what the normal framework does anyway.

 

I will check with the developer what the options would be to set the css/sections to never cache and re-generate on each page, to see if this would be a possible solution.


Kindly search the forum and read the documentation before posting. It will help you resolve many issues.

For CSS help be sure to check out W3Schools first and be sure to download FireBug for FireFox for troubleshooting.

James B

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Similar Content

    • marshallsolutions
      By marshallsolutions
      For the site https://marshallsirishpub.com I am running
      Wordpress 4.9.4
      Pagelines base theme 1.0.2
      Pagelines Framework 2.5.0
      The share bar specifically Stumble Upon is causing an error when checking SSL for HTTPS at whynopadlock.com.  Here is the errors shown:
      A file with an insecure url of "http://cdn.stumble-upon.com/js/badge_su.js?v=20120613" was loaded on line: 1 of https://www.stumbleupon.com/badge/embed/2/?url=https%3A%2F%2Fmarshallsirishpub.com%2F.
      A file with an insecure url of "http://cdn.stumble-upon.com/css/badges_su.css?v=20120613" was loaded on line: 1 of https://www.stumbleupon.com/badge/embed/2/?url=https%3A%2F%2Fmarshallsirishpub.com%2F.

      Errors that are reported on line 1 are generally not part of the source code. This error may be caused by an external javascript file which is writing to the page, however we are unable to reliably detect these scripts in our automated test.
      Please contact us using the "Need Help?" link below if you need assistance with resolving this error.
      I contacted support at Really Simple SSL which is the plugin we use to convert the site to HTTPS via SSL.  They said I should contact you guys.  Here is what their support had to say via email:
      the sharing bar seems to load the Stumbleupon script over http:// despite being trying to redirect it to https://. The cdn.stumbleupon doesn't seem to have an SSL certificate and therefore refuses to load over https://. I'd suggest to contact the developer of the sharing plugin, the Stumbleupon button can de designed in another way, without it trying to load a script over http://.
      So it seems I need to modify some file in pagelines to make the stumble upon portion of the share bar to read https and not http.  If that's not possible then I need to remove stumble upon from the share bar.
      Thanks.
    • yemoonyah
      By yemoonyah+
      Hi, even though I just got a SSL certificate, I can't get the green padlock to appear due to the following error:
      :A file with an insecure url of "http://yemoonyah.com/wp-content/plugins/pl-section-boxes/check.svg" was loaded via the javascript file: https://yemoonyah.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 on line 3. The insecure URL may not be directly contained in the script file and may exist elsewhere."
      I figured if I delete and re-install the plugin it might fix the problem but will my boxes on the website still be there? Or do I have to redesign everything all over again if I delete the plugin and then re-install it?
    • israelgenealogy
      By israelgenealogy
      I have an old PageLines site that I recently got working with SSL, but there are mixed content errors. There are two problems I've found. One is the search button icon called from forms.less:
      url(@{plRoot}/images/search-btn@2x.png)
      The second is when PageLines loads FontAwesome from icons.less:

      url('@{iconFont}.eot?v=3.0.1');

      Where is similarly loads the font using http. Any idea why these are loading using http instead of https, and is there a simple way to fix these? I know I need to upgrade the theme, but it's a major project, so for the moment I'd just like to get these secured before taking on switching themes/frameworks.
    • Dan Haddock
      By Dan Haddock
      Plugins Active and installed: 
      Akismet Anti-Spam
      Coming Soon Page & Maintenance Mode by SeedProd
      Contact Form 7
      Cookie Law Info
      DMS Professional Tools  
      Enhanced Media Library  
      Flamingo
      Google Analytics for WordPress by MonsterInsights
      Google XML Sitemap
      Jetpack by WordPress.com
      Legull 
      Loginizer   
      MailChimp for WordPress
      PageLines Updater    
      Schema App Structured Data 
      Sucuri Security - Auditing, Malware Scanner and Hardening
      Uber reCaptcha    
      Yoast SEO
      Wordpress Version: 4.8.1
      Pagelines Version: 2.2.4
       
      Good Evening/Afternoon or Morning, 
      I am running into a problem with CSS styling not applying inside of most browsers (Safari, Firefox) when I am logged in to wordpress, and all browsers that I have tested when I am logged off and the site has been made public (Chrome, Firefox and Safari).
      As a result, I have managed to identify the probable cause. It looks as though these browsers are refusing to render my sites compiled CSS file due to it being a HTTP URL rather than HTTPS.
      I have attempted to change this URL to HTTPS in my browser, however it brings back an ERROR: File not found page - https://www.shortfilmblog.com/wp-content/uploads/pagelines/compiled-css-core-1505847507.css
      What would you suggest in this regard? Would this be resolvable from your end?
      Happy to provide any further details required.
×