A script (ext. image) in footer breaks SSL - repairable?

[BoKr]

Hello

 

I think I broke in a certain way SSL. All browsers tell me that we got mixed content (secured and non secured content) on those pages that should be secured via SSL.

 

I do not know how to check which content is responsible for the trouble but I had a look at Firefox's status window that shows which content seems to be loaded on a page.

 

All except one thing is loaded via https. The one thing is an image that loads itsself via script from an external site. So I think I happy and that this is the culprit.

 

 

I wonder what I can do to repair this with having in mind I want to link via that image to external content (banner exchange so to speak I think).

 

Site is: www. g r u e n es-spielzeug.de

 

I thank you for your help!

[NemoPS]

If the site you are including the image from does not serve an ssl version of it, there is nothing you can do I fear

[BoKr]

Oh, Nemo that is an honor

 

Ok, but the news you bring are less shining

 

 

If I am understanding things correctly then has to be all content secured that means it has to be loaded via https when a secured part of a page is being accessed. All content refers here to all that is being shown so to speak (that stuff that is in the code being precise).

Therefore all stuf that resided in header and footer is always shown and has to be totally 'secure'. Stuff that resides in blocks or menus only if it is shown while being on the secured part of a page.

So, all that being said, there remains the possibility to link unsecure content on the CMS pages like a page called 'links'. That should do and browsers should not complain.

 

If that was correct I said then I will have to contact now the image-link provider and ask wether he could store behind https pages (httacess).

[NemoPS]

You are correct,

To be precise, you can get an ssl'd page even if your content is not 100% secure. However, this will imply the lock next to https to be yellow, with a red bar across it. As far as I know, to have a 100% genuine (green lock) page, you must display every single resource from ssl'd links

[vincent89]

prestashop 1.6.0.8

 

I Found the solution without modify anything in the presta files.

 

enable ssl and force the ssl on all pages but uncheck html purifier library (very important). you could enable it after insert the image.

 

then go on CMS (exemple: about us) the image who's already there when you install prestashop work well even in ssl so you have to copy how they wrote the code. 

 

<img title="cms-img" src="../img/cms/cms-img.jpg" alt="cms-img" width="370" height="192" />

 

replace by your name image 

 

<img title="your name image" src="../img/cms/your name image.jpg" alt="your name image" width="370" height="192" />

 

write this way on the little popup window [insert/edit image] right after uploaded and chose the image from your file manager.

 

 source             ../img/cms/your name image.jpg

 image description   ....

 dimensions             ...

 

Save it and go to enable the html filter purifier if you done to put new images.

Now it should work. your image is here and your page is still SSL.

 

ps: you'll have to disable html purifier library every time you need to add a new picture from your file manager otherwise it will appear this famous question mark instead of the image and your page won't be SSL

 

It tooks 2weeks to found that, I hope you'll appreciate this post. That's the most annoying bug on prestashop, I don't even know why the Presta team didn't fix that so far!!!!????

 

 

I still have a problem with the homeslider who's disappear when running on Safari, need to refresh the page every time I come back on the home page!!! if somebody have the Solution I'll appreciate to know it thanks

 

vince