XF 1.2 Check $_SERVER in config.php

MattW

MattW

Well-known member
Basically, I've had a few members trying to access the site via SSL, and they get various errors with scripts being blocked by their browsers due to them being served via the HTTP CDN (such as the RTE not loading).

So, I've put this in config.php (which fixes the issue)
PHP: 
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
{
$config['javaScriptUrl'] = 'https://shopz22se.r.worldssl.net/js';
$config['externalDataUrl'] = 'https://shopz22se.r.worldssl.net/data';
} else {
$config['javaScriptUrl'] = 'http://data.z22se.org.uk/js';
$config['externalDataUrl'] = 'http://data.z22se.org.uk/data';
}

Can anyone think of any problems doing that may cause?
 
Sort by date Sort by votes
The only conflict I can possibly think of is a mix of https and normal http could technically trigger a browser warning that some of your content is not secure.

As you SSL Certificate maybe only registered with https
 
Upvote 0 Downvote
Adam Howard said:
The only conflict I can possibly think of is a mix of https and normal http could technically trigger a browser warning that some of your content is not secure.

As you SSL Certificate maybe only registered with https
Click to expand...
I'm not fussed about it warning that some content isn't secure (images etc), it was when loading the editor it was totally blocking it from loading.

upload_2013-10-16_21-7-0.webp

I think you can click the little shield to allow it through, but none of the users new about that (I saw it in Chrome as well).

The SSL is only properly set up for my shop anyway on the same domain.
 
Upvote 0 Downvote
MattW said:
I'm not fussed about it warning that some content isn't secure (images etc), it was when loading the editor it was totally blocking it from loading.

View attachment 59184

I think you can click the little shield to allow it through, but none of the users new about that (I saw it in Chrome as well).

The SSL is only properly set up for my shop anyway on the same domain.
Click to expand...
If you're not worried about it, then as far as I know ... I don't see a problem.

Of course as a word of caution.... Some people see those warnings and assume something isn't right or safe and "run away". Chrome is going to be your biggest issue as I've seen past versuon of Chrome display that full red page on mixed https / http as if your site was somehow dangerous (as least that is the impression it can give)
 
Upvote 0 Downvote
Adam Howard said:
If you're not worried about it, then as far as I know ... I don't see a problem.

Of course as a word of caution.... Some people see those warnings and assume something isn't right or safe and "run away". Chrome is going to be your biggest issue as I've seen past versuon of Chrome display that full red page on mixed https / http as if your site was somehow dangerous (as least that is the impression it can give)
Click to expand...
Cheers Adam, I'm actually just going through all the stuff now so I can actually make it 100% https anyway (just using the shared SSL from the CDN provider)
 
Upvote 0 Downvote
Changed my mind. This should fix the issue with people using SSL and it not loading the editor ;)

Code: 
        # force HTTP
        RewriteCond %{HTTPS} =on
        RewriteRule !^(shop)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
        #
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

C
StackPath integration with XenForo - image attachments not being served from CDN
Replies
12
Views
910
TPerry
TPerry
Goose
  • Question Question
XF 2.2 Config.php to use multiple cdns
Replies
2
Views
598
Kirby
K
gldtn
Redirection on inline moderation
Replies
4
Views
537
specials
S
N
  • Question Question
XF 2.2 ERR_TOO_MANY_REDIRECTS
Replies
2
Views
341
K a M a L
K
Black Tiger
  • Question Question
Adsense randomly not displaying on threadview. Other ads no issue.
Replies
4
Views
639
Black Tiger
Black Tiger
Top Bottom