Re: secure site woes
There is a file spacer.gif that is being served without the ssl at the very bottom of the age (after the footer). ~Mahcsig On Wed, Dec 1, 2010 at 10:57 AM, Rob Voyle robvo...@voyle.com wrote: Hi Folks I have a secure site that works fine: https://www.appreciativeway.com/secure/bookstore.cfm When I add variables such as: https://www.appreciativeway.com/secure/bookStore.cfm?webSource=clergy The page becomes a mix of secure and non secure items. The variable is the link origin and changes the header images, however they are in the same format and directory as the secure version. I have tried it on multiple bowsers. IE gives the mixed content message but when I select don't show the non secure items everything shows up. Is the problem the appended url? Is there away to make that secure? Thanks for any help Rob Robert J. Voyle, Psy.D. Director, Clergy Leadership Institute For Coaching and Training in Appreciative Inquiry Author: Restoring Hope: Appreciative Strategies to Resolve Grief and Resentment http://www.appreciativeway.com/ 503-647-2378 or 503-647-2382 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339693 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: secure site woes
I can see at least 1 non secure item on the page img src=http://www.clergyleadership.com/images/spacer.gif view-source:http://www.clergyleadership.com/images/spacer.gif alt= border=0 height=400 width=1 / -- Russ Michaels www.cfmldeveloper.com - Supporting the CF community since 1999 FREE ColdFusion/Railo hosting for developers. blog: www.michaels.me.uk ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339694 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: secure site woes
It's been a while since I had to set this up, but are you using relative or absolute paths for the images? Being in the same directory stopped mattering years ago, but using https may be the issue. So if images are being referenced like so: img src=../images/myimage.gif You MAY have issues I'd suggest trying img src=https://www.appreciativeway.com/secure/images/myimage.gif; again...it's been a while and I may way off base regardless, something changes when you use the URL paramtry viewing the source to see what is different and make it the same ;-) Cheers On Wed, 2010-12-01 at 10:57 -0800, Rob Voyle wrote: Hi Folks I have a secure site that works fine: https://www.appreciativeway.com/secure/bookstore.cfm When I add variables such as: https://www.appreciativeway.com/secure/bookStore.cfm?webSource=clergy The page becomes a mix of secure and non secure items. The variable is the link origin and changes the header images, however they are in the same format and directory as the secure version. I have tried it on multiple bowsers. IE gives the mixed content message but when I select don't show the non secure items everything shows up. Is the problem the appended url? Is there away to make that secure? Thanks for any help Rob Robert J. Voyle, Psy.D. Director, Clergy Leadership Institute For Coaching and Training in Appreciative Inquiry Author: Restoring Hope: Appreciative Strategies to Resolve Grief and Resentment http://www.appreciativeway.com/ 503-647-2378 or 503-647-2382 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339695 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: secure site woes
img src=http://www.clergyleadership.com/images/spacer.gif view-source:http://www.clergyleadership.com/images/spacer.gifalt=border=0height=400width=1/ This image is loading over http. There may be more, I didn't search beyond that. Matthew Williams Geodesic GraFX www.geodesicgrafx.com/blog On 12/1/2010 1:57 PM, Rob Voyle wrote: Hi Folks I have a secure site that works fine: https://www.appreciativeway.com/secure/bookstore.cfm When I add variables such as: https://www.appreciativeway.com/secure/bookStore.cfm?webSource=clergy The page becomes a mix of secure and non secure items. The variable is the link origin and changes the header images, however they are in the same format and directory as the secure version. I have tried it on multiple bowsers. IE gives the mixed content message but when I select don't show the non secure items everything shows up. Is the problem the appended url? Is there away to make that secure? Thanks for any help Rob Robert J. Voyle, Psy.D. Director, Clergy Leadership Institute For Coaching and Training in Appreciative Inquiry Author: Restoring Hope: Appreciative Strategies to Resolve Grief and Resentment http://www.appreciativeway.com/ 503-647-2378 or 503-647-2382 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339696 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: secure site woes
Hey Bryan, Actually using img src=../images/myimage.gif is fine, as this will be relative to the current url, so will use http or https using img src=https://www.appreciativeway.com/secure/images/myimage.gif; as you suggest will force all images to use the SSL even though he page is not. So relative is better. Adding a query string does not cause an issue, nor does it change image paths, having a hard coded http in your url's does however cause an issue as this is still the url for the image even when you use https for the page, thus you get non secure items on the page. On Wed, Dec 1, 2010 at 7:02 PM, Bryan Stevenson br...@electricedgesystems.com wrote: It's been a while since I had to set this up, but are you using relative or absolute paths for the images? Being in the same directory stopped mattering years ago, but using https may be the issue. So if images are being referenced like so: img src=../images/myimage.gif You MAY have issues I'd suggest trying img src=https://www.appreciativeway.com/secure/images/myimage.gif; again...it's been a while and I may way off base regardless, something changes when you use the URL paramtry viewing the source to see what is different and make it the same ;-) Cheers On Wed, 2010-12-01 at 10:57 -0800, Rob Voyle wrote: Hi Folks I have a secure site that works fine: https://www.appreciativeway.com/secure/bookstore.cfm When I add variables such as: https://www.appreciativeway.com/secure/bookStore.cfm?webSource=clergy The page becomes a mix of secure and non secure items. The variable is the link origin and changes the header images, however they are in the same format and directory as the secure version. I have tried it on multiple bowsers. IE gives the mixed content message but when I select don't show the non secure items everything shows up. Is the problem the appended url? Is there away to make that secure? Thanks for any help Rob Robert J. Voyle, Psy.D. Director, Clergy Leadership Institute For Coaching and Training in Appreciative Inquiry Author: Restoring Hope: Appreciative Strategies to Resolve Grief and Resentment http://www.appreciativeway.com/ 503-647-2378 or 503-647-2382 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339697 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: secure site woes
Hi Guys Thanks a bunch. That image was the problem. converting it to a relative path solved the problem. Much appreciated. Rob Robert J. Voyle, Psy.D. Director, Clergy Leadership Institute For Coaching and Training in Appreciative Inquiry Author: Restoring Hope: Appreciative Strategies to Resolve Grief and Resentment http://www.appreciativeway.com/ 503-647-2378 or 503-647-2382 On 1 Dec 2010 at 11:01, Mahcsig wrote: There is a file spacer.gif that is being served without the ssl at the very bottom of the age (after the footer). ~Mahcsig On Wed, Dec 1, 2010 at 10:57 AM, Rob Voyle robvo...@voyle.com wrote: Hi Folks I have a secure site that works fine: https://www.appreciativeway.com/secure/bookstore.cfm When I add variables such as: https://www.appreciativeway.com/secure/bookStore.cfm?webSource=clerg y The page becomes a mix of secure and non secure items. The variable is the link origin and changes the header images, however they are in the same format and directory as the secure version. I have tried it on multiple bowsers. IE gives the mixed content message but when I select don't show the non secure items everything shows up. Is the problem the appended url? Is there away to make that secure? Thanks for any help Rob Robert J. Voyle, Psy.D. Director, Clergy Leadership Institute For Coaching and Training in Appreciative Inquiry Author: Restoring Hope: Appreciative Strategies to Resolve Grief and Resentment http://www.appreciativeway.com/ 503-647-2378 or 503-647-2382 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag= houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:33 9693 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339698 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: secure site woes
On Wed, 2010-12-01 at 19:08 +, Russ Michaels wrote: Hey Bryan, Actually using img src=../images/myimage.gif is fine, as this will be relative to the current url, so will use http or https using img src=https://www.appreciativeway.com/secure/images/myimage.gif; as you suggest will force all images to use the SSL even though he page is not. So relative is better. Good...wasn't 100% sure on that onebut clearly correct on using http:// instead of https:// ;-) Adding a query string does not cause an issue, nor does it change image paths, Well then you took me FAR too literally ;-) It's the impact of what the URL param is used for If the URL param changes the header, then yes the URL param DOES change the HTML returned to the client and that is where the issue may lie (in this case apparently not) having a hard coded http in your url's does however cause an issue as this is still the url for the image even when you use https for the page, thus you get non secure items on the page. Yep...that is a deal killer for sure Bryan Stevenson B.Comm. VP Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: br...@electricedgesystems.com web: www.electricedgesystems.com Notice: This message, including any attachments, is confidential and may contain information that is privileged or exempt from disclosure. It is intended only for the person to whom it is addressed unless expressly authorized otherwise by the sender. If you are not an authorized recipient, please notify the sender immediately and permanently destroy all copies of this message and attachments. Please consider the environment before printing this e-mail ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:339699 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
