"Blocked loading mixed active content" when creating block
Permalink Browser Info Environment
Hi
I just installed Block Designer on 5.7.5.13 and after filling in all information and adding fields, clicking Make the Block results only in a console error ––> we are using https everywhere (canonical URLs forced as https) so why doesn't Block Designer respect that? What can be done?
I just installed Block Designer on 5.7.5.13 and after filling in all information and adding fields, clicking Make the Block results only in a console error
Blocked loading mixed active content “http://www.mysite.tld/index.php/dashboard/blocks/block_designer/handle_check/block_handle/”
Type: | Ticket |
---|---|
Status: | Archived |
Hi Ramon,
And thanks for such quick response and update to Block Designer!
However, the problem didn't go away.. If it helps, here is a screenshot of developer tools showing the error and POST headers, where the response location for some reason still has http:.https://www.dropbox.com/s/3ejgl9ouy8hiyf4/Screenshot%202017-06-15%20...
And thanks for such quick response and update to Block Designer!
However, the problem didn't go away.. If it helps, here is a screenshot of developer tools showing the error and POST headers, where the response location for some reason still has http:.https://www.dropbox.com/s/3ejgl9ouy8hiyf4/Screenshot%202017-06-15%20...
If you search for:
var CCM_APPLICATION_URL
What does it say in your inspector (so for the Block Designer page /index.php/dashboard/blocks/block_designer)? Should be some script type="text/javascript" in the <head> of your page.
I'm guessing you'd have to CTRL + SHIFT + R on your Block Designer page, since I've just tried and it should actually work.
Let me know!
Kind regards,
Ramon
var CCM_APPLICATION_URL
What does it say in your inspector (so for the Block Designer page /index.php/dashboard/blocks/block_designer)? Should be some script type="text/javascript" in the <head> of your page.
I'm guessing you'd have to CTRL + SHIFT + R on your Block Designer page, since I've just tried and it should actually work.
Let me know!
Kind regards,
Ramon
CCM_APPLICATION_URL has the url with https. I cleared the cache did a hard refresh and tested with a different browser, too.
OK, what do you see when you open this page:
/packages/block_designer/js/block_designer.view.js
On line 9 (right after $.ajax)?
/packages/block_designer/js/block_designer.view.js
On line 9 (right after $.ajax)?
Here you go:
$.ajax({ url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(), type: 'post',
And it still doesn't work now? If as you say, CCM_APPLICATION_URL is the correct httpS address, then it should actually be doing that URL. The line you just mentioned is how the URL is being generated and that is the value/variable you just mentioned.
Moved back/forth couple of times over here and it seems to do exactly what I enter under the canonical URL. I'm not sure what's going wrong on your end then. All files seem like they should be.
What if you add this to the file I just mentioned, right before $.ajax:
alert(CCM_APPLICATION_URL);
return false;
And you try again (hard refresh doing CTRL + SHIFT + R). Do you get a message on your screen with an URL? Is it the correct URL? What does this URL end with (with or without a slash)?
Kind regards,
Ramon
Moved back/forth couple of times over here and it seems to do exactly what I enter under the canonical URL. I'm not sure what's going wrong on your end then. All files seem like they should be.
What if you add this to the file I just mentioned, right before $.ajax:
alert(CCM_APPLICATION_URL);
return false;
And you try again (hard refresh doing CTRL + SHIFT + R). Do you get a message on your screen with an URL? Is it the correct URL? What does this URL end with (with or without a slash)?
Kind regards,
Ramon
Hi,
The alert shows the correct https url without a trailing slash so it seems correct. I removed the alert and tested again with the same result, but unfortunately the inspector doesn't give any details on what url it sees as mixed content... Should I give you access to the dashboard? Maybe we could continue this discussion in private messages?
The alert shows the correct https url without a trailing slash so it seems correct. I removed the alert and tested again with the same result, but unfortunately the inspector doesn't give any details on what url it sees as mixed content... Should I give you access to the dashboard? Maybe we could continue this discussion in private messages?
What if you change this:
url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
To:
url: 'https://www.my-domain.com/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
And test again. See if it really goes towards that URL. So don't replace anything from the above into your domain just yet!
Kind regards,
Ramon
url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
To:
url: 'https://www.my-domain.com/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(),
And test again. See if it really goes towards that URL. So don't replace anything from the above into your domain just yet!
Kind regards,
Ramon
Nope still the same error. What did you mean with "So don't replace anything from the above into your domain just yet!"? Now I replaced the CCM_APPLICATION_URL with the actual address, cleared C5 cache, did a hard refresh and tried to create a block as before.
I meant, don't do this:
"Now I replaced the CCM_APPLICATION_URL with the actual address".
Just leave it as-is. See if the URL it goes to is now my-domain.com instead. So it really uses this code and we know this is working.
"Now I replaced the CCM_APPLICATION_URL with the actual address".
Just leave it as-is. See if the URL it goes to is now my-domain.com instead. So it really uses this code and we know this is working.
Hah, sorry now I got it :)
OK I changed it to my-domain.com and now inspector doesn't give mixed content error, after changing back to our domain, the error is back, too.
OK I changed it to my-domain.com and now inspector doesn't give mixed content error, after changing back to our domain, the error is back, too.
OK great.
What I think is happening, is that you can't do from HTTP to HTTPS and vice-versa. See:
https://stackoverflow.com/questions/32307235/how-to-fix-blocked-load...
Or:
https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content/...
So, you currently visit your site using HTTP - without the secure (HTTPS). You want to connect with the secure version though. That seems to be impossible. Does that make sense?
Kind regards,
Ramon
What I think is happening, is that you can't do from HTTP to HTTPS and vice-versa. See:
https://stackoverflow.com/questions/32307235/how-to-fix-blocked-load...
Or:
https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content/...
So, you currently visit your site using HTTP - without the secure (HTTPS). You want to connect with the secure version though. That seems to be impossible. Does that make sense?
Kind regards,
Ramon
Hi,
That's the thing that doesn't make sense because I am visiting the site over https (also the screenshot above shows green padlock..) and like I mentioned C5 is forced to always use https so I trying to visit with http redirects to https.
That's the thing that doesn't make sense because I am visiting the site over https (also the screenshot above shows green padlock..) and like I mentioned C5 is forced to always use https so I trying to visit with http redirects to https.
OK, then it's probably due to cross domain... What Block Designer is doing, is call an URL on the page, without refreshing. So, that's what goes wrong here. I'm not sure if there is anything I can do about that. I've tried a couple more things, without success though. Let me suggest this. Change this code (from the same .js file):
Into this:
That will at least keep you going. The only thing you miss right now, is if you try to create a block with a handle that already exists, you don't get the error instantly, but the page will refresh and show you the errror. Maybe others can jump in on this issue, but I'm kinda stumped on how to get this working.
Let me know if this gets you going!
Kind regards,
Ramon
onSuccess: function () { var return_ = false; $.ajax({ url: CCM_APPLICATION_URL + '/index.php/dashboard/blocks/block_designer/handle_check/' + $('input[name="block_handle"]').val(), type: 'post', async: false, data: {}, dataType: 'json', success: function (data) { if (data.error) { $('.block-designer-container > .alert').remove(); $('.block-designer-container form').before('<div class="alert alert-danger"><button type="button" class="close" data-dismiss="alert">×</button>' + data.error + '</div>'); $('html, body').animate({ scrollTop: $('.block-designer-container > .alert').offset().top - $('#ccm-toolbar').height() - 10 }, 1000);
Viewing 15 lines of 24 lines. View entire code block.
Into this:
onSuccess: function () { return true; }
That will at least keep you going. The only thing you miss right now, is if you try to create a block with a handle that already exists, you don't get the error instantly, but the page will refresh and show you the errror. Maybe others can jump in on this issue, but I'm kinda stumped on how to get this working.
Let me know if this gets you going!
Kind regards,
Ramon
Thanks! This change works, now I can continue testing this add-on :)
Hopefully you or someone get an idea how to fix this later on, but for now I'm good. Thanks again for amazingly quick support!
Hopefully you or someone get an idea how to fix this later on, but for now I'm good. Thanks again for amazingly quick support!
Trying to help whenever I can. Unfortunately I couldn't find THE solution... Perhaps you can try posting on the forums? I could also try the Slack channel tomorrow.
At least this will get you going :)
Kind regards,
Ramon
At least this will get you going :)
Kind regards,
Ramon
Attention: Since there has been no activity on this issue for two weeks, this issue has been automatically archived.
To re-open this issue, reply to this message.
To re-open this issue, reply to this message.
Attention: Since there has been no activity on this issue for two weeks, this issue has been automatically archived.
To re-open this issue, reply to this message.
To re-open this issue, reply to this message.
What I've done now is put the full "CCM_APPLICATION_URL" variable in it. Let me know if that worked out for you. It's in the latest 2.8.1 version of Block Designer! So update, and see what happens (make sure you do a hard refresh in your browser and clear cache within your concrete5 install).
If that does not work, I will have to dig in deeper. Just let me know.
Kind regards,
Ramon