Forum Moderators: open
I have the following code to detect whether the page is http or https and alter accordingly
-----------
<script type="text/javascript" language="JavaScript" src="[if
type=explicit
compare="[is_secure]"]https://secure.comodo.net[else]http://www.trustlogo.com[/else][/if]/trustlogo/javascript/trustlogo.js"></script>
-----------
<script type="text/javascript">TrustLogo("[if type=explicit
compare="[is_secure]"]https[else]http[/else][/if]://www.mysite.com/images/secure_site.gif", "SC", "none");</script>
------------
i don't see a problem with the above code, so i'm wondering if is setting up the tag which is causing problems -
-------------
is_secure.tag
-------------
UserTag is_secure Routine <<EOR
sub {
return $CGI::secure =~ /^(on¦1)$/i? 1 : 0;
}
EOR
------------
Any advice on what (if anything) is wrong with this code would be appreciated.
First, you don't need to put the protocol (http/https) in the src attribute. If you omit the protocol, then the browser will use the same protocol that was used to fetch the main html.
Next, examine the html at the browser (view source) to find the cause of your problem. That is, ignore the server-side code until you pinpoint the delivered html that triggers the message. You can check the results of your posted code this way to see if that is the cause. But also look at every other resource tag with a src or link attribute. Besides external javascript files, images and style sheets are the other primary candidates. Any external resources can cause this message. Again, you can usually just drop the protocol portion of the src/link attribute.
Also, if you have an empty IFrame (no source on the initial page load), then it will cause this message on HTTPS pages. Just use an empty html page as the source to get around this.
sorry if there was any confusion with the post.
without the trustlogo, then there is no problem with going from http to https - so it is only trustllogo which is causing the 'secure and non secure' issue.
the problem is that the trustlogo js code which resides on their server is on completely different pages for either http or https, so some sort of code needs to be used to check the status and serve the relevant page.
the code i listed before i thought looked ok, but on use results in the logo not coming up at all.
Also, create a test page that just has basic HTML and the script for getting the Trust Logo under HTTPS. That is, take your javascript out of the picture. When you hit that page via via HTTPS, does it cause the same error?
The bottom line is that it has to be caused by one of these possibilities:
- the generated <script> tag is bad, or
- the javascript returned attempts to fetch an image or other resource via HTTP, or
- the Trust Logo server thinks you are sending an invalid request (i.e. page not served from a trusted server) and it is then doing something that causes the error.
with this code
<script language="JavaScript" src="http://www.trustlogo.com/trustlogo/javascript/trustlogo.js" type="text/javascript">
</script>
and an image ref
an http page works fine.
with this code:
<script language="JavaScript" src="https://secure.comodo.net/trustlogo/javascript/trustlogo.js" type="text/javascript">
</script>
and an image reference
https works fine.
if i remove the trustlogo from any page, i can go from http to https without any issue.
so the problem is with the code which is trying to detect http(s) and serve accordingly.
thanks for the ongoing help
Sample PHP code:
if ((strtolower($_SERVER['HTTPS']) === 'on')¦¦ ($_SERVER['SERVER_PORT'] === '443')) { $running_https = true; }
if($running_https){
echo '<img src="https://...';
} else {
echo '<img src="http://...';
}
*Fix broken pipes "¦¦" before using on your server. Also, test to ensure that the code works. ;)
is_secure.tag
-------------
UserTag is_secure Routine <<EOR
sub {
return $CGI::secure =~ /^(on¦1)$/i? 1 : 0;
}
EOR
can anyone confirm if this part is 'ok' as Javascript goes?
Edit -
Sorry Gregg, I must have got a cache page, didn't see your message until after posting.
