Website not showing as 100% secure due to supposed Google Maps block.
Permalink 1 user found helpful
Hi I'm trying to setup my site for secure hosting but there's some kind of javascript call that is happening on every page that is causing my website to show a "insecure content" error in my browsers. I have done a debug and Chrome is reporting that every page I access is callinghttp://maps.google.com/maps/api/js?sensor=false... thus giving the insecure content error. I don't have the google maps block running at all on my site. Does anyone have any ideas as to why this would be called on every page (including the login page and all of the dashboard pages). I'm somewhat new to concrete5 so have no idea where to start looking. Is this being pre-loaded somehow?
Thanks.
Jason.
Thanks.
Jason.
Cool. Thanks for such a quick reply. I wasn't quite sure where to look to actually make this mod? Would it be in the concrete/blocks/google_map folder?
I have no idea why it would be calling this if I don't use the block. Does concrete5 preload the scripts for all blocks anyway? Funny that it's not a secure url call. My first thought was that it was Google Analytics but I noticed that Google's code actually tests for http or https.
I have no idea why it would be calling this if I don't use the block. Does concrete5 preload the scripts for all blocks anyway? Funny that it's not a secure url call. My first thought was that it was Google Analytics but I noticed that Google's code actually tests for http or https.
The maps js should not be loaded unless you are actually using a maps block (or map related utilities such as geolocation).
Maybe something else on your site is doing map related stuff, perhaps your theme is doing something?
I would just do a global text search for 'maps.google.com' through all files below your root and see where it is found.
Maybe something else on your site is doing map related stuff, perhaps your theme is doing something?
I would just do a global text search for 'maps.google.com' through all files below your root and see where it is found.
I just changed the code in pro blog's controller.php file to https and that fixed my problem. It seems that pro blog does cause info to be written into the page's headers thus causing the insecure content in my browser. I don't a fully understand the workings of concrete5 but do a find it a little weird that this happens even on the login page. Anyway, I'll notify the author chadstrat and see if this is an issue that can be resolved in future as it's a bit of a pain for a secure site. Thanks for all your help.
Thanks for that. I did a search and did find it scattered throughout the pro blog add-on. It is in the pro blog controller.php file Would that be something that is accessed on every page of my site? I have also noticed that it is scattered throughout a few of the view.php files associated with pro blog and pro events.
You can do this by putting https:// instead of http:// into the link.
Current link is:
Use it:
Hope it will help you.
Citytech