Thread

Greetings!

We have a site we’re accessing via https, but get security warnings from IE because some assets are accessed insecurely (CSS and images referenced there, in this case).  This happens when the setting ‘General Config -> URL to the root directory of your site’ includes the http:// protocol identifier (With that field blank, set just to the site domain, or set without a protocol [//example.com/], we encounter other problems, so that’s not really an option).  The problematic URLs are, of course, those generated with {path=} in the templates.  Are there other options?

Thanks,
Scott

Hey Scott,

Thank you for posting your question here on the ExpressionEngine forums.

Are these assets in the same secure domain? If they are not, I am not sure there is a way around it.

Please let me know.

Cheers,

Hi Shane:

They’re in the same domain.

tnx,
-s.

Hi Scott Hepler,

I guess I am not understanding. How are the assets being accessed insecurely?

Thank you,

Because we use {stylesheet=} in our templates, if we have the ‘URL to the root directory’ set to ‘http://example.com/’, the CSS and all assets it includes are fetched via plain http:, so IE complains.  If we set that to ‘/’, the Pages module complains when we edit entries.  If we set it to ‘//example.com’ (protocol-relative URL), EE gets, uh, confused about the base_url.

Anyway, I’ve solved this with some handy help from Peter Lewis over on StackOverflow.  He pointed out a cool little extension:  http://devot-ee.com/add-ons/https-support , FYI.

Have a great weekend, and thanks.

-s.

Hey Scott!

I’m glad to see you were able to find a solution!

If you need anything else, please let us know.

Cheers,