• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 How to use XenForo proxy link system for links not in messages

giorgino

Well-known member
#1
I've some links that aren't in messages that I need to "secure" with the XenForo proxy link system.
Is it possibile? How?

Thanks in avance :)
 

giorgino

Well-known member
#5
Ok :(
In general how to bypass the "unsecure" link issue? Do you have some suggestions or it is a common unsolved webmaster torture?
 

Mike

XenForo developer
Staff member
#6
I'm not sure what problem you're trying to solve. The link proxy is mostly for logging purposes. What issue are you trying to resolve?
 

melbo

Well-known member
#7
Probably trying to get rid of a mixed content warning by a non https link in the sidebar or something.

I had this happen with one of my direct advertisers and my workaround was to place a 301 redirect in my ssl.conf file:
kindof hackish but it suppressed the SSL warnings
 

giorgino

Well-known member
#8
What issue are you trying to resolve?
Like @melbo said, I'm trying to resolve this issue
Probably trying to get rid of a mixed content warning by a non https link in the sidebar or something.
I've two sponsors widget that call http URLs and some browsers like Chrome don't display the ad because are "insecure content"

One is
HTML:
<iframe src="http://www.idealista.it/static/it/partners/immobilio/buscador.html" frameborder="0" scrolling="no" width="100%" height="250"></iframe>
and another is
HTML:
<!--Inizio script Imobilio -->
<SCRIPT LANGUAGE="JavaScript" >
var prmstr = window.location.search.substr(1);
var prmarr = prmstr.split ("&");
var str = '';

for ( var i = 0; i < prmarr.length; i++) {
    var tmparr = prmarr[i].split("=");
    if (tmparr[0]=='ip' || tmparr[0]=='pv') {
        str = tmparr[0]+'='+tmparr[1]+'&';
     }
   
}
var pathname = escape(window.location.pathname);
var d=window.location.hostname;
ord=Math.random();
ord=ord*10000000000000000000;
document.write('<SCR' + 'IPT id="bannerPlaceProfessionisti" LANGUAGE="JavaScript" SRC="http://st.teknoring.it/bannerLibri/ext/banner-250-immobilio.php?'+str+'ord='+ord+'&cu=%%CLICK_URL_ESC%%&filter='+pathname+'&d='+d+'"><\/SCR' + 'IPT>');
</SCRIPT>
<!--Fine script Imobilio -->
@Mike Can XenForo proxy link system contribute to solve this?
@melbo Can your workaround contribute to solve this?
@all Can someone help me? :)
 

melbo

Well-known member
#9
I put this 301 redirect in my ssl.conf (or .htaccess) file for exactly the same reason. Had a sidebar advertisment to a non-ssl store.
Code:
# Adverts to SSL
redirect 301 /reosolar/ http://www.reosolar.com/
Then I changed the link on the banner to https://www.mydomain.com/reosolar/
Like I mentioned, it's ugly but it worked fine as a manual proxy
 

giorgino

Well-known member
#10
I put this 301 redirect in my ssl.conf (or .htaccess) file for exactly the same reason. Had a sidebar advertisment to a non-ssl store.
Code:
# Adverts to SSL
redirect 301 /reosolar/ http://www.reosolar.com/
Thank you @melbo, in my case, can I use this?
Code:
# Adverts to SSL
redirect 301 /idealista/ http://www.idealista.it/
 

giorgino

Well-known member
#12
Yes, just change the link on the banner to https://www.yourdomain.com/idealista/ and after restarting apache, it will redirect and not give mixed content warnings
:( don't work for me...

redirection work as expected, but Chrome don't display the widgets.
Here my steps:

in .htaccess
Code:
# Adverts to SSL
redirect 301 /idealista/ http://www.idealista.it/
redirect 301 /teknoring/ http://st.teknoring.it/
URLs modified as follow

Code:
http://www.idealista.it/static/it/partners/immobilio/buscador.html
transformed in
https://www.propit.it/idealista/static/it/partners/propit/buscador.html

and
http://st.teknoring.it/bannerLibri/ext/banner-250-propit.php?'+str+'ord='+ord+'&cu=%%CLICK_URL_ESC%%&filter='+pathname+'&d='+d+'
transformed in
https://www.propit.it/teknoring/bannerLibri/ext/banner-250-propit.php?'+str+'ord='+ord+'&cu=%%CLICK_URL_ESC%%&filter='+pathname+'&d='+d+'"><\/SCR' + 'IPT>');
Apache restarted.

In Safari I can see the ad without "padlock" and in Chrome no ad shown :(
 

Mike

XenForo developer
Staff member
#13
The link proxy will not do anything to resolve these issues. A 301 redirect to an insecure resource won't prevent mixed content warnings. In general, the only way to sort it would be for your ad provider to support HTTPS themselves directly.