I am trying to load a script on a WordPress HTTP site using PHP. The script itself is on another site, and is only accessible through HTTPS. I am loading the script using the line:
wp_enqueue_script('airtable_embed', 'https://static.airtable.com/js/embed/airtable_embed.js');
However, when the page loads, the https in the url is always replaced by http, and the script is not available through HTTP - only HTTPS. Since it can't find the HTTP version, it gives the following error:
http://static.airtable.com/js/embed/airtable_embed.js?ver=4.3.1
Failed to load resource: the server responded with a status of 403 (Forbidden)
The WordPress documentation says that
Remote scripts can be specified with a protocol-agnostic URL, e.g. //otherdomain.com/js/their-script.js.
So, I think the reason the protocol is being changed from HTTPS to HTTP is that WordPress forces it to use the same protocol as the current site. How can I get around this and include the HTTPS script in my HTTP site?
If you paste the airtable embed snippet into an HTML page and then inspect the DOM, you can just grab the raw HTML for your wordpress site.
Related
I ran a quiz website which is based on PHP-Codeigniter, recently I have added an SSL certificate. I have changed the base_url to start with https, everything was ok unless I started creating a quiz for that js need to do some function but all browser is blocking it.
Error detail:
Mixed Content: The page at 'https://website.com/quiz/index.php/quiz/add_new' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://website.com/quiz/index.php/qbank/get_level_question/0/2'. This request has been blocked; the content must be served over HTTPS.
send # jquery.js:2
jquery.js:2
Note: I can't access the link http link directly to change it to https.
I don't know much about servers/php. I access by website via Cpanel. I can copy and paste codes:)
I have a wordpress site running which is set to use HTTPS, Within the wordpress site I have a widget in a theme that is using the Slim framework. When running on HTTP it does work well but with HTTPS I do get 404 error. The ajax calls are initiated from the browser and request sources that are on the same domain.
Browser log says: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://xxxxxxxx.xxx' is therefore not allowed access. The response had HTTP status code 404.
Within the app only relative path is used. Within the html source I see some HTTP requests for images etc. but it doesn't complain about them
For your ajax urls make sure that they start with https:// or just //
Hello i got an Error 404 with subdomain in ssl
when i run panel.terahost.org in https
i get a blank page https://panel.terahost.org
i found the error in
error is
''This page is trying to load scripts from unauthenticated sources''
its trying to show unsafe script which is uploaded up there on secured page
note the panel is in orginal its uploaded here
46.166.168.175/Tera-Host/index.php
but i use this script to show it up
https://www.mediafire.com/?87syl3od21qdemy
You should have wildcard ssl for subdomains to work. If you have wildcard then also it is showing that error then please check your html rendering. You should have https in front of all your urls on page. If your html have any link of http then it will show this error. I can see that you have frame of page with url http://46.166.168.175/Tera-Host/index.php change it to https.
In my application I am setting the Location header to http://www.foo.com inside a route that responds to a POST request over HTTPS. I keep getting redirected to https://www.foo.com instead of the plain HTTP version. If you handle a POST over HTTPS will all redirects be forced over HTTPS as well?
This is on an Apache server running PHP 5.3.
Ok here's my issue I have a file that is delivered through https, all the files on my server have a common header.php file that is included within files. In the header file i have all my stylesheets etc called from my cdn folder. http://cdn.domain.com since they are called http in my https file (via header.php) it doesnt transmit fully in https.
Is there a way to have htaccess make all transactions on a https page via https even if it is trying to get the http version ? Or is my best bet to coding it in the PHP?
Thanks
This isn't really a server configuration issue. What you need to do is ensure that the server is returning "https" for the location of all of your external resources (css, javascript & images).
Your best bet with a common header file is to use relative urls (no http(s)://example.com/) and let the browser determine the protocol that should be used.
If the css et al are on a different domain, then I'd just detect the protocol being used and massage the protocol in your html before returning it to the user.
Or you can just use HTTPS everywhere ;0)
Just remove http: from all your URL's. It will use http or https depending on what protocol the webpage is using.