Advertisement:

Author Topic: [solved] Odd thing happen when i enable SSL on my osclass, layout is broken  (Read 1673 times)

mattlok

  • Newbie
  • *
  • Posts: 40
Hey Everybody,

I just recently added SSL cert to my OSclass website after the fact of setting up and everything.

Now when i hit it, my page is all over the place and the layout is definitely broken. 

My browser gives me a message saying that "Parts of this page are not secure (such as images)" and "You have not granted this site any special permissions"

If i hit my site using http it works fine.

I know google had this crazy thing to get everyone to use https for all (even if you are not doing ecommerce or if it's just a simple html page) which is great.

But here is what they are saying should be done:

- Use relative URLs for resources that reside on the same secure domain. For example, use <a href="/about/ourCompany.php"> to refer to a page on your site example.com, rather than <a href="https://example.com/about/ourCompany.php">. Doing so ensures your links and resources always use HTTPS. It also has the side benefit of making local development less error prone because images, pages, and other resources are loaded from your local development environment instead of the production environment.

- Use protocol relative URLs for all other domains (e.g. //petstore.example.com/dogs/biscuits.php), or update your site links to link directly to the HTTPS resource.

https://support.google.com/webmasters/answer/6073543?hl=en

So i am thinking that this is probably why my website looks funny in https vs http.  I am also thinking that if i had started with my OSclass https setup, everything would look normal. (perhaps).

With that being said, once I apply my URL rewrite to force http to https, my website will not look the same as the http.

So, I guess the big question is:

a) has anyone ran into this issue before
b) if so, what was the solution
c) if i had to change my URLs to relative paths, is there a plugin that can do that
d) or do i need to this for all my web pages and CSS files

Any help is greatly appreciated. (please be nice)  :)
« Last Edit: March 29, 2016, 12:49:05 pm by mattlok »

_CONEJO

  • Administrator
  • Hero Member
  • *****
  • Posts: 4689
Modify your osclass' config.php file (on top of your osclass' folder, change yoru WEB_PATH to "https://......" if you want always enabled https (recommended)
OR something like this if you want to have ssl on/off depends on the user

Code: [Select]
$protocol = ( (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO']=='https')) ? 'https' : 'http';
define('WEB_PATH', $protocol . "//yourdomain.com/osclass/path/");

mattlok

  • Newbie
  • *
  • Posts: 40
Hi _CONEJO,

Thank-you so much.

That worked out so perfectly.

i went with the "WEB_PATH to "https://......" if you want always enabled https (recommended)"

My http still works too.  Now I can apply the URL Rewrite.

Thanks again.

_CONEJO

  • Administrator
  • Hero Member
  • *****
  • Posts: 4689
WEB_PATH is used to generate all internal URLS (and that incldues urls for images, JS and CSS files), WEB_PATH is not used to check the url you are in.

For example, if your WEB_PATH is "https" but you configure your webserver to accept both, http and https protocols, your webpage is accessible by both, but if you went to the http version, all JS, css, images and links will point to the httpS version.

From a http page, you could load content from https without any problem, but the other way around (web_path set to http, but reach your page from a https url), the browser will prompt you with the warning, because you are on a "secure" page, but some (at least one) content is not secure.