Author Topic: Insecure content from jquery.min.js  (Read 5637 times)

ncopeman

  • Jr. Member
  • **
  • Posts: 58
Insecure content from jquery.min.js
« on: August 27, 2012, 05:47:15 am »
Hi there, i've painfully gone through my site to remove all of the insecure content loaded through SSL and now I only have two files to fix on my checkout.

One is jquery.min.js - loaded through Mowebso. Its loading the below libraries/mowebso/assets  through http instead of https. I suspect it could be 'global $mowebso;' but I don't speak code too well. Is there anyway of loading below / changing the code below to load JURI::base( true ) and then jquery.min.js ? This seems to have fixed quite a few files trying to load http!

Code: [Select]
function loadjQueryLibrary() {
global $mowebso;
$mowebso->addScript('jquery.min.js','libraries/mowebso/assets/js/','text/javascript',false);
}

jjk

  • Global Moderator
  • Sr. Member
  • *
  • Posts: 3636
  • using Matomo instead of Google Analytics
Re: Insecure content from jquery.min.js
« Reply #1 on: August 27, 2012, 18:19:36 pm »
I'm not shure if I'm correct, but an initial solution might be to enable "Use external google jQuery library" in VM2 configuration. As far as I know, the 'Google Ajax API CDN' supports loading SSL via HTTPS.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

PRO

  • Global Moderator
  • Super Hero
  • *
  • Posts: 10401
  • VirtueMart Version: 3+
Re: Insecure content from jquery.min.js
« Reply #2 on: August 27, 2012, 19:23:54 pm »
sounds like you have the "var live" site set to an absolute url. in your configuration.php

J3.9+ VM 3.4.2
Slowest Page Speed Score (88) (Category)
Fastest Page Speed Score (94-96) (productdetails)

ncopeman

  • Jr. Member
  • **
  • Posts: 58
Re: Insecure content from jquery.min.js
« Reply #3 on: August 28, 2012, 01:22:19 am »
I'm not shure if I'm correct, but an initial solution might be to enable "Use external google jQuery library" in VM2 configuration. As far as I know, the 'Google Ajax API CDN' supports loading SSL via HTTPS.

Thanks bud but I don't have an option in config for google jQuery. I'm using 2.0.6 but I do have Virtuemart jQuery selected

ncopeman

  • Jr. Member
  • **
  • Posts: 58
Re: Insecure content from jquery.min.js
« Reply #4 on: August 28, 2012, 01:29:56 am »
sounds like you have the "var live" site set to an absolute url. in your configuration.php

Hi Pro, live_site is blank in configuration.php . The whole insecure content has been a real pain... you can look at everything that i've tried to fix it here:

http://forum.joomla.org/viewtopic.php?f=624&t=731440

Switching off SEF pretty much cleared the 'insecure content' warnings bar a handful. I only now need to fix jquery.min.js from mosoweb.php

jjk

  • Global Moderator
  • Sr. Member
  • *
  • Posts: 3636
  • using Matomo instead of Google Analytics
Re: Insecure content from jquery.min.js
« Reply #5 on: August 28, 2012, 09:32:51 am »
...but I don't have an option in config for google jQuery. I'm using 2.0.6 but I do have Virtuemart jQuery selected

I don't remember in which version that configuration option was added. But I would recommend to update to version 2.0.10 anyway. The longer you wait with the updates, the harder it becomes.  ;)
In newer versions of VM2 the Google jQuery option is in the 'Configuration' - 'Templates' tab.

Another possible option might be to use one of the SSL redirect plugins available in the Joomla Extension Directory, but I never tried this, so I don't know if this provides a solution.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

PRO

  • Global Moderator
  • Super Hero
  • *
  • Posts: 10401
  • VirtueMart Version: 3+
Re: Insecure content from jquery.min.js
« Reply #6 on: August 28, 2012, 13:49:43 pm »
sounds like you have the "var live" site set to an absolute url. in your configuration.php

Hi Pro, live_site is blank in configuration.php . The whole insecure content has been a real pain... you can look at everything that i've tried to fix it here:

http://forum.joomla.org/viewtopic.php?f=624&t=731440

Switching off SEF pretty much cleared the 'insecure content' warnings bar a handful. I only now need to fix jquery.min.js from mosoweb.php

are you using standard joomla SEF
??

J3.9+ VM 3.4.2
Slowest Page Speed Score (88) (Category)
Fastest Page Speed Score (94-96) (productdetails)

ncopeman

  • Jr. Member
  • **
  • Posts: 58
Re: Insecure content from jquery.min.js
« Reply #7 on: August 28, 2012, 15:58:40 pm »
sounds like you have the "var live" site set to an absolute url. in your configuration.php

Hi Pro, live_site is blank in configuration.php . The whole insecure content has been a real pain... you can look at everything that i've tried to fix it here:

http://forum.joomla.org/viewtopic.php?f=624&t=731440

Switching off SEF pretty much cleared the 'insecure content' warnings bar a handful. I only now need to fix jquery.min.js from mosoweb.php

are you using standard joomla SEF
??

Hi Pro, I was using standard joomla SEF - I've turned it off...

PRO

  • Global Moderator
  • Super Hero
  • *
  • Posts: 10401
  • VirtueMart Version: 3+
Re: Insecure content from jquery.min.js
« Reply #8 on: August 28, 2012, 16:51:22 pm »
ok, so at first, I didnt know what "mowebso" was.

So, this is a 3rd party component for mobile sites?


Have you reported this to them??
J3.9+ VM 3.4.2
Slowest Page Speed Score (88) (Category)
Fastest Page Speed Score (94-96) (productdetails)

jjk

  • Global Moderator
  • Sr. Member
  • *
  • Posts: 3636
  • using Matomo instead of Google Analytics
Re: Insecure content from jquery.min.js
« Reply #9 on: August 28, 2012, 17:11:45 pm »
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations