Monitor Reply

Support

"Blocked loading mixed active content" when creating block

Permalink Browser Info Environment June 15, 2017 at 3:15 PM

Hi
I just installed Block Designer on 5.7.5.13 and after filling in all information and adding fields, clicking Make the Block results only in a console error

Blocked loading mixed active content “http://www.mysite.tld/index.php/dashboard/blocks/block_designer/handle_check/block_handle/”

––> we are using https everywhere (canonical URLs forced as https) so why doesn't Block Designer respect that? What can be done?

Type:	Ticket
Status:	Archived

ramonleenders replied on Jun 15, 2017 at 3:31 pm Permalink Reply

Hi there,

What I've done now is put the full "CCM_APPLICATION_URL" variable in it. Let me know if that worked out for you. It's in the latest 2.8.1 version of Block Designer! So update, and see what happens (make sure you do a hard refresh in your browser and clear cache within your concrete5 install).

If that does not work, I will have to dig in deeper. Just let me know.

Kind regards,

Ramon

patej replied on Jun 15, 2017 at 6:33 pm Permalink Reply

Hi Ramon,
And thanks for such quick response and update to Block Designer!
However, the problem didn't go away.. If it helps, here is a screenshot of developer tools showing the error and POST headers, where the response location for some reason still has http:.https://www.dropbox.com/s/3ejgl9ouy8hiyf4/Screenshot%202017-06-15%20...

ramonleenders replied on Jun 15, 2017 at 6:55 pm Permalink Reply

If you search for:

var CCM_APPLICATION_URL

What does it say in your inspector (so for the Block Designer page /index.php/dashboard/blocks/block_designer)? Should be some script type="text/javascript" in the <head> of your page.

I'm guessing you'd have to CTRL + SHIFT + R on your Block Designer page, since I've just tried and it should actually work.

Let me know!

Kind regards,

Ramon

patej replied on Jun 15, 2017 at 6:58 pm Permalink Reply

CCM_APPLICATION_URL has the url with https. I cleared the cache did a hard refresh and tested with a different browser, too.

ramonleenders replied on Jun 15, 2017 at 7:00 pm Permalink Reply

OK, what do you see when you open this page:

/packages/block_designer/js/block_designer.view.js

On line 9 (right after $.ajax)?

patej replied on Jun 15, 2017 at 7:06 pm Permalink Reply

Here you go:

$.ajax({
                url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
                type: 'post',

ramonleenders replied on Jun 15, 2017 at 7:14 pm Permalink Reply

And it still doesn't work now? If as you say, CCM_APPLICATION_URL is the correct httpS address, then it should actually be doing that URL. The line you just mentioned is how the URL is being generated and that is the value/variable you just mentioned.

Moved back/forth couple of times over here and it seems to do exactly what I enter under the canonical URL. I'm not sure what's going wrong on your end then. All files seem like they should be.

What if you add this to the file I just mentioned, right before $.ajax:

alert(CCM_APPLICATION_URL);
return false;

And you try again (hard refresh doing CTRL + SHIFT + R). Do you get a message on your screen with an URL? Is it the correct URL? What does this URL end with (with or without a slash)?

Kind regards,

Ramon

patej replied on Jun 15, 2017 at 7:37 pm Permalink Reply

Hi,
The alert shows the correct https url without a trailing slash so it seems correct. I removed the alert and tested again with the same result, but unfortunately the inspector doesn't give any details on what url it sees as mixed content... Should I give you access to the dashboard? Maybe we could continue this discussion in private messages?

ramonleenders replied on Jun 15, 2017 at 7:40 pm Permalink Reply

What if you change this:

url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),

To:

url: 'https://www.my-domain.com/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),

And test again. See if it really goes towards that URL. So don't replace anything from the above into your domain just yet!

Kind regards,

Ramon

patej replied on Jun 15, 2017 at 7:46 pm Permalink Reply

Nope still the same error. What did you mean with "So don't replace anything from the above into your domain just yet!"? Now I replaced the CCM_APPLICATION_URL with the actual address, cleared C5 cache, did a hard refresh and tried to create a block as before.

ramonleenders replied on Jun 15, 2017 at 7:48 pm Permalink Reply

I meant, don't do this:

"Now I replaced the CCM_APPLICATION_URL with the actual address".

Just leave it as-is. See if the URL it goes to is now my-domain.com instead. So it really uses this code and we know this is working.

patej replied on Jun 15, 2017 at 7:57 pm Permalink Reply

Hah, sorry now I got it :)
OK I changed it to my-domain.com and now inspector doesn't give mixed content error, after changing back to our domain, the error is back, too.

ramonleenders replied on Jun 15, 2017 at 8:02 pm Permalink Reply

OK great.

What I think is happening, is that you can't do from HTTP to HTTPS and vice-versa. See:

https://stackoverflow.com/questions/32307235/how-to-fix-blocked-load...

Or:

https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content/...

So, you currently visit your site using HTTP - without the secure (HTTPS). You want to connect with the secure version though. That seems to be impossible. Does that make sense?

Kind regards,

Ramon

patej replied on Jun 15, 2017 at 8:10 pm Permalink Reply

Hi,
That's the thing that doesn't make sense because I am visiting the site over https (also the screenshot above shows green padlock..) and like I mentioned C5 is forced to always use https so I trying to visit with http redirects to https.

ramonleenders replied on Jun 15, 2017 at 8:34 pm Permalink Reply

OK, then it's probably due to cross domain... What Block Designer is doing, is call an URL on the page, without refreshing. So, that's what goes wrong here. I'm not sure if there is anything I can do about that. I've tried a couple more things, without success though. Let me suggest this. Change this code (from the same .js file):

onSuccess: function () {
            var return_ = false;
            $.ajax({
                url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
                type: 'post',
                async: false,
                data: {},
                dataType: 'json',
                success: function (data) {
                    if (data.error) {
                        $('.block-designer-container > .alert').remove();
                        $('.block-designer-container form').before('<div class="alert alert-danger"><button type="button" class="close" data-dismiss="alert">×</button>' + data.error + '</div>');
                        $('html, body').animate({
                            scrollTop: $('.block-designer-container > .alert').offset().top - $('#ccm-toolbar').height() - 10
                        }, 1000);

Viewing 15 lines of 24 lines. View entire code block.

 
 onSuccess: function () {
            var return_ = false;
            $.ajax({
                url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
                type: 'post',
                async: false,
                data: {},
                dataType: 'json',
                success: function (data) {
                    if (data.error) {
                        $('.block-designer-container > .alert').remove();
                        $('.block-designer-container form').before('<div class="alert alert-danger"><button type="button" class="close" data-dismiss="alert">×</button>' + data.error + '</div>');
                        $('html, body').animate({
                            scrollTop: $('.block-designer-container > .alert').offset().top - $('#ccm-toolbar').height() - 10
                        }, 1000);
                        return false;
                    }
                    else {
                        return_ = true;
                    }
                }
            });
            return return_;
        }

Into this:

onSuccess: function () {
            return true;
        }

That will at least keep you going. The only thing you miss right now, is if you try to create a block with a handle that already exists, you don't get the error instantly, but the page will refresh and show you the errror. Maybe others can jump in on this issue, but I'm kinda stumped on how to get this working.

Let me know if this gets you going!

Kind regards,

Ramon

patej replied on Jun 15, 2017 at 8:52 pm Permalink Reply

Thanks! This change works, now I can continue testing this add-on :)
Hopefully you or someone get an idea how to fix this later on, but for now I'm good. Thanks again for amazingly quick support!

ramonleenders replied on Jun 15, 2017 at 8:56 pm Permalink Reply

Trying to help whenever I can. Unfortunately I couldn't find THE solution... Perhaps you can try posting on the forums? I could also try the Slack channel tomorrow.

At least this will get you going :)

Kind regards,

Ramon

ConcreteCMS replied on Jun 30, 2017 at 12:02 am Permalink Reply

Attention: Since there has been no activity on this issue for two weeks, this issue has been automatically archived.

To re-open this issue, reply to this message.

ConcreteCMS replied on Jun 30, 2017 at 12:03 am Permalink Reply

Attention: Since there has been no activity on this issue for two weeks, this issue has been automatically archived.

To re-open this issue, reply to this message.

Block Designer

Support

"Blocked loading mixed active content" when creating block

Issue Reply

concrete5 Environment Information

Browser User-Agent String

Hide Post Content

Request Refund

Code

Delete Post