[SOLVED] osclasswizard and the ssl/https validation problem

[BW]

Hi!

I don't know is it the general issue or the fault of osclasswizard theme. I use OSClass with osclasswizards theme and I've added a SSL certificate to my domain. Right now my site is visible by https:// connection. I've updated the config.php file, so right now the services web address is https://. But still there is a small issue. Some of the content of my site is not secured. I wonder how can I check, which file of my site is trying to download and what through http:// connection? I remember when I tried to fix this problem (it is still unfixed): http://forums.osclass.org/general-help/how-to-change-the-font-on-my-website/msg143726/#msg143726 that the osclasswizard theme is trying to download google fonts with http:// connection and not through https:// - I didn't know why and still, I don't know that.

Can you help me?

Best regards!

[BW]

PS.

Firebug plugin for FireFox returns me information about two issues (requestes):


2 "NetworkError: 400 Bad Request - https://fonts.googleapis.com/css?family=Open+Sans+Condensed"
https://fonts.googleapis.com/css?family=Open+Sans+Condensed

1)
https://fonts.googleapis.com/css?family=Open+Sans+Condensed

Google Fonts

Error (400): Missing font family

The requested font families are not available.

Requested: Open Sans Condensed (style: normal, weight: 400)

For reference, see the Google Fonts API documentation.

2)
https://fonts.googleapis.com/css?family=Open+Sans+Condensed

Google Fonts

Error (400): Missing font family

The requested font families are not available.

Requested: Open Sans Condensed (style: normal, weight: 400)

For reference, see the Google Fonts API documentation.



There is a warning: "Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.googleapis.com/css?family=Open+Sans:300,400,700” na zabezpieczonej stronie" A mixed insecure content on secured website.

Can you help me?

[BW]

PS2. Partly solved.

I have edited a file:

oc-content/themes/osclasswizards/css/main.css

and I have replaced http:// with https://

Right now my site is "green". But firebug still shows two issues:

"NetworkError: 400 Bad Request - https://fonts.googleapis.com/css?family=Open+Sans+Condensed"

Any tip?

[BW]

I have changed a font on Open Sans - it works, however the list of fonts in a section:

/oc-admin/index.php?page=appearance&action=render&file=oc-content/themes/osclasswizards/admin/settings.php#theme-style
 
is a little bit to short in my opinion. I'd like to use some google fonts, there are out of the list. A little tip, where can I modufy this list?

Best regards!

[teseo]

Hi,

Look in osclasswizards/admin/theme-style.php, there's the code for Google Fonts selector:

Code: [Select]

<div class="form-label"><?php _e('Google fonts', OSCLASSWIZARDS_THEME_FOLDER); ?></div>
                <div class="form-controls">
                    <select name="google_fonts">
<option value="Abel" <?php if($google_fonts == "Abel"){ echo "selected='selected'" ; } ?>>Abel</option>
<option value="Abril+Fatface" <?php if($google_fonts == "Abril+Fatface"){ echo "selected='selected'" ; } ?>>Abril Fatface</option>
You can insert new options there.

Regards

[BW]

Hi Teseo!

Thank you for your replay. It is usefull tip but I have noticed that the problem came back. Any other font from the list except the Open Sans (see I've corrected the main.css) is download with the http protocol, not the https. Somewhere in the code still there is a bug. Osclaswizards uses http addresses in a google fonts domain. Do you know, how to make it correct?

For example now I am using PT Sans and the firebug plugin of FireFox shows me a warning:

2
Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.googleapis.com/css?family=PT+Sans” na zabezpieczonej stronie
Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.gstatic.com/s/ptsans/v8/ATKpv8nLYAKUYexo8iqqrg.woff2” na zabezpieczonej stronie
Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.gstatic.com/s/ptsans/v8/9kaD4V2pNPMMeUVBHayd7vY6323mHUZFJMgTvxaG2iE.woff2” na zabezpieczonej stronie

See by yourself. Here is a link to my site:

Code: [Select]

https://t.co/zL4SmX817F

Best regards!

[BW]

PS. I have added a new font, Lato, to the list:

Code: [Select]

<div class="form-row">
                <div class="form-label"><?php _e('Google fonts', OSCLASSWIZARDS_THEME_FOLDER); ?></div>
                <div class="form-controls">
                    <select name="google_fonts">
<option value="Lato" <?php if($google_fonts == "Lato"){ echo "selected='selected'" ; } ?>>Lato</option>
<option value="Abel" <?php if($google_fonts == "Abel"){ echo "selected='selected'" ; } ?>>Abel</option>

And it works. I have got Lato font on my site, but also, there is still the same SSL warning - the mixed content. Firebug plugin for FireFox shows me:

Code: [Select]

Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.googleapis.com/css?family=Lato” na zabezpieczonej stronie
Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.gstatic.com/s/lato/v13/1YwB1sO8YE1Lyjf12WNiUA.woff2” na zabezpieczonej stronie
Wczytywanie mieszanej (niezabezpieczonej) interaktywnej treści „http://fonts.gstatic.com/s/lato/v13/UyBMtLsHKBKXelqf4x7VRQ.woff2” na zabezpieczonej stronie

I guess the strip $google_fonts in a code is defined by http. But where is this strip defined? It has to be repaired to validate my domain with SSL encryption.

Best regards!

[teseo]

You need to change a few lines inside the theme to stop those errors from happening. As far as I can see:

osclasswizards/functions.php

Code: [Select]

echo "<link href='http://fonts.googleapis.com/css?family=".osclasswizards_google_fonts()."' rel='stylesheet' type='text/css'>";
osclasswizards/item-sidebar.php
osclasswizards/user-public-profile.php

Code: [Select]

<figure><img class="img-responsive" src="http://www.gravatar.com/avatar/<?php echo md5( strtolower( trim( osc_user_email() ) ) ); ?>?s=400&d=<?php echo osc_current_web_theme_url('images/default.gif') ; ?>" /></figure>
osclasswizards/css/main.css

Code: [Select]

@import url(http://fonts.googleapis.com/css?family=Open+Sans:300,400,700);
Replace all those "http://" with "//" (this means "http://" or "https://" indistinctly).

Regards

[BW]

Thx @teseo! As always, you are the best! You helped me once again.

Best regards!

[teseo]

You're welcome.

Regards