Dirty Butter Posted September 1, 2014 Share Posted September 1, 2014 Both of our stores are now on 5.2.13 and FireFox Adbock Plus is disabled for both sites. The dirtybutterestates store properly shows the pop up box with information about the user on Users Online in Statistics. The plushcatalog store shows an empty pop up box. If I open the IP address link in a new tab, instead of just clicking it, the new tab shows the correct information. The statistics.index.inc.php and statistics.index.php files are identical in both stores. Is there some other place I need to compare files to see why one is working properly and the other is not? Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 1, 2014 Share Posted September 1, 2014 I see that this link uses the colorbox jQuery plugin. Other places that use the colorbox: the 'Help' link at the right-side of the breadcrumb bar and image viewers. Please let us know if the Help link works on both stores. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 1, 2014 Author Share Posted September 1, 2014 The Images Viewer worked correctly on both sites WITHOUT the colorbox change. But there were differences in the /js/plugins/jquery.colorbox-min.js files, so I copied the estates version over to the plushcatalog files and cleared cache on CC and FF. The Help file and IP lookup popup still do not work on plushcatalog. Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 1, 2014 Share Posted September 1, 2014 "The Help file and IP lookup popup..."? With the Firebug add-on for Firefox, use the Net tab to monitor the traffic going in and out of the browser. (It will help to enable the "Persist" button.) When you click the IP link, you should get this:http://api.hostip.info/get_html.php?ip=a.b.c.d&position=true If you don't get an entry for this ajax call, then somehow the ajax functionality of your javascript is toast. Click the Console tab. See if any errors about the javascript is logged to this console. If you do get an entry, click the plus sign to the left of GET. A short window will expand. On the Headers tab, examine the Request Headers. Click the Response tab. Examine what response there is, if any. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 2, 2014 Author Share Posted September 2, 2014 I see this on Console: Blocked loading mixed active content "http://api.hostip.info/get_html.php?ip=24.56.123.195&position=true jquery.min.js line 3 I thought the "min" might mean it had something to do with Turbo (on plushcatalog but not on estates), but disabling it did not make a difference. Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 2, 2014 Share Posted September 2, 2014 I am confident that you have your browser's security settings set thusly: --> Do not permit http (unsecure) resources on a https (secure) page. --> Make exceptions for these URLs/domains: -->--> For the plushcatalog URL (or just the domain dirtybutter.com), no exception listed -->--> For the dirtybutterestates.com domain, an exception is in the whitelist However, I do not see such a setting in my Firefox browser. Therefore, this capability to deny "mixed content" may be coming from somewhere else. "I thought the "min" might mean it had something to do with Turbo" When you see a 'min' as part of a javascript filename, it means that the file has been converted into a 'minified' version of itself. Among other aspects of doing this, all non-essential whitespace characters are removed, and the long descriptive names of variables are replaced by single letters. Edit: From searching the web, I see that browsers have implemented this "security measure" as a fixed setting. There is no whitelist to be making exceptions. I can do some more research and try to discover why the same browser behaves differently with respect to your two sites -- unless you are not serving your Estates admin pages under SSL??? In the meantime, try this: in the file /classes/acp.class.php, line 280, change: Was: 'http://helpdocs.info/' Now: '//helpdocs.info/' Hopefully, helpdocs.info will respond with an https request automatically used by the browser. And do the same edit in the admin skin template file statistics.index.php line 185. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 2, 2014 Author Share Posted September 2, 2014 I didn't try your edits yet. I did goto about:config in FF and changed all the settings I found for mixed to false, rebooted FF, and the IP Lookup and Help popups do work. There should be an about:config edit that would make all dirtybutter mixed settings false, so I could have everything else mixed as the default settings. The estates site is NOT on SSL - that's been the issue. I tested on Chrome as well, so the mixed setting there is not configurable without editing about:config. Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 2, 2014 Share Posted September 2, 2014 We cannot expect the random visitor to our websites to know what is going on (even though, in this case, it's a situation on an admin page) when things don't work as they should. Making an adjustment to your browser doesn't really resolve the situation. As you have discovered, this problem is very wide-spread. So, trying the edit to remove the protocol (making the URL to have a relative protocol) in an attempt to make a universal fix is the way to go about this. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 2, 2014 Author Share Posted September 2, 2014 I double checked my previous actions, but I had already tried using the relative protocol, and it doesn't work, either. I'm going to try to find a way to add some config settings to FF to make the false toggles on FF only for dirtybutter.com. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 2, 2014 Author Share Posted September 2, 2014 OK I fixed it. The http: part is needed for docs and hostip. I put the FF about:config setting for mixed block back to true. Then when I get the empty popup on FF I can see a gray shield up in the address bar (on the left of the lock). Clicked on the shield and changed the setting to allow mixed content for this site. Because of my FF settings, I lose that mixed content enabled setting when I reboot FF, but that's better than losing the block for other sites all the time. Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 2, 2014 Share Posted September 2, 2014 "The http: part is needed for docs and hostip." That's unfortunate. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.