keat Posted May 20, 2016 Share Posted May 20, 2016 I've had a product review recently, and noticed that when it's published it breaks the site security. I initially assumed it was becuase the customer put a link to his site, but even after removing his link, I lose HTTPS for that product. V6.10 using the Mican Skin Quote Link to comment Share on other sites More sharing options...
bsmither Posted May 20, 2016 Share Posted May 20, 2016 This skin, and others, use a service provided by Gravatar, a place that the public can make available an image to represent oneself. Whether that be an actual headshot, cartoon image, or whatever. The URL to the Gravatar service is fixed at http: which will cause browsers to complain about mixed security on pages served from https: sites. In the template file content.product.php, find near line 163: <a href="http://gravatar.com/emails/"><img src="http://www.gravatar.com/avatar/{$review.gravatar}?s=50&r=g" /></a>{$review.review} Change to: <a href="//gravatar.com/emails/"><img src="//www.gravatar.com/avatar/{$review.gravatar}?s=50&r=g" /></a>{$review.review} By removing the protocol, we delegate to the browser the responsibility to decide which protocol to use to fetch the resource from the Gravatar service. The browser will use the same protocol that was used to fetch the product page - thus no more mixed security on that page. Quote Link to comment Share on other sites More sharing options...
keat Posted May 20, 2016 Author Share Posted May 20, 2016 Thanks Brian. I did try the code change but it didn't work, the https was still broken. However, I did change the line: <a href="http://gravatar.com/emails/"><img src="http://www.gravatar.com/avatar/{$review.gravatar}?s=50&r=g" /></a>{$review.review} to state https://, and this seems to have fixed it. Quote Link to comment Share on other sites More sharing options...
bsmither Posted May 20, 2016 Share Posted May 20, 2016 Interesting. I wonder if your browser was fixated on using what it already had when it fetched the resource from before. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.