Applying ssl cert breaks content
Permalink
I've added an ssl cert to a site, and it immediately broke the site. References in the site are to http, for example,http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js... andhttp://fonts.googleapis.com/css?family=Open+Sans:400,600,700....
When I go into the theme and look at the page which has this, called "front.php", I see:
For the font, i see the whole link:
When I change the http in the google font api, it doesn't change on the live site at all.
I've tried clearing caches.
The location of the file is /themes/Themename/front.php. Is there somethere else this might be, or something I am missing to update this?
When I go into the theme and look at the page which has this, called "front.php", I see:
<?=Loader::element("header_required");?>
For the font, i see the whole link:
<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,600,700' rel='stylesheet' type='text/css'>
When I change the http in the google font api, it doesn't change on the live site at all.
I've tried clearing caches.
The location of the file is /themes/Themename/front.php. Is there somethere else this might be, or something I am missing to update this?
Try forcing a browser refresh using CTRL and F5 on the keyboard as I think it might be the browser cache needs clearing.
If you are seeing <link href='http://.... etc when actually looking into the php files, its a coding issue in your theme.
It used to be that https:// sites could pull in http:// assets such as fonts. Browser security on recent browsers blocks such urls. A secure page is not permitted to pull in assets from non-secure locations. The same applies to JS, CSS, Fonts and images.
A flexible fix for code is to leave the scheme off the front, so <link href='//... etc. The browser will then use whichever scheme the page was loaded with. That will work as long as the server providing the asset is also ssl.
It used to be that https:// sites could pull in http:// assets such as fonts. Browser security on recent browsers blocks such urls. A secure page is not permitted to pull in assets from non-secure locations. The same applies to JS, CSS, Fonts and images.
A flexible fix for code is to leave the scheme off the front, so <link href='//... etc. The browser will then use whichever scheme the page was loaded with. That will work as long as the server providing the asset is also ssl.
