Problem with Users Online IP address Pop Up Box

[Dirty Butter]

Both of our stores are now on 5.2.13 and FireFox Adbock Plus is disabled for both sites.

 

The dirtybutterestates store properly shows the pop up box with information about the user on Users Online in Statistics. 

 

The plushcatalog store shows an empty pop up box. If I open the IP address link in a new tab, instead of just clicking it, the new tab shows the correct information.

 

The statistics.index.inc.php and statistics.index.php files are identical in both stores.

 

Is there some other place I need to compare files to see why one is working properly and the other is not?

[bsmither]

I see that this link uses the colorbox jQuery plugin. Other places that use the colorbox: the 'Help' link at the right-side of the breadcrumb bar and image viewers.

 

Please let us know if the Help link works on both stores.

[Dirty Butter]

The Images Viewer worked correctly on both sites WITHOUT the colorbox change. But there were differences in the /js/plugins/jquery.colorbox-min.js files, so I copied the estates version over to the plushcatalog files and cleared cache on CC and FF. The Help file and IP lookup popup still do not work on plushcatalog.

[bsmither]

"The Help file and IP lookup popup..."?

 

With the Firebug add-on for Firefox, use the Net tab to monitor the traffic going in and out of the browser. (It will help to enable the "Persist" button.)

 

When you click the IP link, you should get this:

http://api.hostip.info/get_html.php?ip=a.b.c.d&position=true

If you don't get an entry for this ajax call, then somehow the ajax functionality of your javascript is toast. Click the Console tab. See if any errors about the javascript is logged to this console.

 

If you do get an entry, click the plus sign to the left of GET. A short window will expand. On the Headers tab, examine the Request Headers. Click the Response tab. Examine what response there is, if any.

[Dirty Butter]

I see this on Console:

 

Blocked loading mixed active content "http://api.hostip.info/get_html.php?ip=24.56.123.195&position=true

 

jquery.min.js line 3

 

I thought the "min" might mean it had something to do with Turbo (on plushcatalog but not on estates), but disabling it did not make a difference.

[bsmither]

I am confident that you have your browser's security settings set thusly:

--> Do not permit http (unsecure) resources on a https (secure) page.

--> Make exceptions for these URLs/domains:

-->--> For the plushcatalog URL (or just the domain dirtybutter.com), no exception listed

-->--> For the dirtybutterestates.com domain, an exception is in the whitelist

 

However, I do not see such a setting in my Firefox browser. Therefore, this capability to deny "mixed content" may be coming from somewhere else.

 

"I thought the "min" might mean it had something to do with Turbo"

 

When you see a 'min' as part of a javascript filename, it means that the file has been converted into a 'minified' version of itself. Among other aspects of doing this, all non-essential whitespace characters are removed, and the long descriptive names of variables are replaced by single letters.

 

Edit: From searching the web, I see that browsers have implemented this "security measure" as a fixed setting. There is no whitelist to be making exceptions.

 

I can do some more research and try to discover why the same browser behaves differently with respect to your two sites -- unless you are not serving your Estates admin pages under SSL???

 

In the meantime, try this: in the file /classes/acp.class.php, line 280, change:

Was:
'http://helpdocs.info/'
 
Now:
'//helpdocs.info/'

Hopefully, helpdocs.info will respond with an https request automatically used by the browser.

 

And do the same edit in the admin skin template file statistics.index.php line 185.

[Dirty Butter]

I didn't try your edits yet. I did goto about:config in FF and changed all the settings I found for mixed to false, rebooted FF, and the IP Lookup and Help popups do work. There should be an about:config edit that would make all dirtybutter mixed settings false, so I could have everything else mixed as the default settings.

 

The estates site is NOT on SSL - that's been the issue.

 

I tested on Chrome as well, so the mixed setting there is not configurable without editing about:config.

[bsmither]

We cannot expect the random visitor to our websites to know what is going on (even though, in this case, it's a situation on an admin page) when things don't work as they should. Making an adjustment to your browser doesn't really resolve the situation. As you have discovered, this problem is very wide-spread.

 

So, trying the edit to remove the protocol (making the URL to have a relative protocol) in an attempt to make a universal fix is the way to go about this.

[Dirty Butter]

I double checked my previous actions, but I had already tried using the relative protocol, and it doesn't work, either.

 

I'm going to try to find a way to add some config settings to FF to make the false toggles on FF only for dirtybutter.com.

[Dirty Butter]

OK I fixed it. The http: part is needed for docs and hostip. I put the FF about:config setting for mixed block back to true. Then when I get the empty popup on FF I can see a gray shield up in the address bar (on the left of the lock). Clicked on the shield and changed the setting to allow mixed content for this site.

 

Because of my FF settings, I lose that mixed content enabled setting when I reboot FF, but that's better than losing the block for other sites all the time.

[bsmither]

"The http: part is needed for docs and hostip."

 

That's unfortunate.