Browsers block mixed content preventing page editing
Edit block Issue: Browser debuggers are showing similar to the following (Chrome example):
Mixed Content: The page at 'https://www.example.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.example.com/themes/<theme_dir>/typography.css'. This request has been blocked; the content must be served over HTTPS.
m.create.setupIframe @ tiny_mce.js:1
Load Form issue, when I try to load Page Properties via the Editor, (Chrome debugger) throws:
Mixed Content: The page at 'https://www.example.com/' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://www.example.com/index.php?cID=1&ccm_token=1453713006:969465f2ffbcd64ecd3d88ca4ac6d7cb'. This endpoint should be made available over a secure connection.
In both cases above blocks and forms are grayed out.
Concrete5 version is 220.127.116.11. I've tried a few browsers (Chrome 48, Firefox 43, IE 11, Opera 34). The theme is not compatible with Concrete 5.7. The site uses Miser 1.9.3.
I've searched inside the code base and online for any pointers to resolving this issue without luck. I'm not a C5 developer but know how to edit the PHP code where these HTTP (non-secure) references are set if anyone here could steer me to the code containing the HTTPS protocol overide file(s).
Any help would be much appreciated.
site.php changed to...
which causes a redirect loop, unless the following is also updated..
concrete/startup/url_check.php changed to
$protocol = 'https://';