Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.When serving a site from HTTPS, I get the following error in the JavaScript console in Google Chrome:
[blocked] The page at https://example.com/ ran insecure content from http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js.
This also prevents anything dependent on Bootstrap's JavaScript from working, for example, the dropdown arrow next to the "Spaces" button at the top of the screen.
Changing this line in oa_radix/template.php:
drupal_add_js('http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js', 'external');
... from 'http://' to 'https://' fixes the problem. However, the theme should probably check if it's being accessed via HTTPS and make the switch itself!
If I find time later, I'll write a patch.
Comments
Comment #1
Argus CreditAttribution: Argus commentedDoesn't this belong in oa_radix issue Q?
Comment #2
dsnopekAre we using the seperate issue queues? I know that many projects don't (Panopoly, Devshop, Aegir, etc). I was just putting everything in the main one. :-)
Comment #3
mpotter CreditAttribution: mpotter commentedYes, we will be using separate issue queues for the major modules (like oa_core, oa_discussion, oa_radix, etc). Panopoly (and other projects) don't do this because their modules are so tightly dependent. The problem with a single issue queue is when somebody submits a patch it's not clear without some careful looking where the patch should be applied and what the "base" of the patch is. And since OA2 modules are intended to eventually work on their own without starting with the OA2 distribution they should be treated as regular Drupal modules rather than putting everything in the distribution issue queue.
Comment #4
dsnopekOk, thanks! I also prefer seperate queues. :-)
Comment #5
mpotter CreditAttribution: mpotter commentedOK, attempt #1 to fix this. Just removed the http:// in the drupal_add_js since it seems like Drupal should be handling whether to add https or not.
drupal_add_js('netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js', 'external');
Seems fine for regular http, so please test and let me know if this resolves the https issue.
(Fix commited to f242f71).
Comment #6.0
(not verified) CreditAttribution: commentedOops! Didn't mean to put the actual client site URL in there. :-)
Comment #7
gjlook CreditAttribution: gjlook commentedHi there - is there a patch for this ?
I am getting the same problem and posted in the open atrium section on here.
I'm unsure how to search different queues for a solution
many thanks
Comment #8
gjlook CreditAttribution: gjlook commented** i have repeated this in another thread but i'll add it here since i asked a question here **
in drupal you have themes . I am using oa_radix . within each theme there is a template.php and within that file is a line DRUPAL_ADD 'http://netdna.bootstrapcdn with 'https://netdna.bootstrapcdn
i changed this to https as instructed but nothing changed. however both http and https references still appeared in web page page source. scratching my head and looking through the files theres another theme called radix which im not using .
so in my mind this should not affect anything . however changing radix template.php ( which i dont use ) to match oa_radix ( which i do use ) seems to have solved the problem
Comment #9
Argus CreditAttribution: Argus commentedThis issue is closed. It is better to use an open issue (I mean the other issue) so people will notice it and the discussion isn't fragmented.
Comment #10
gjlook CreditAttribution: gjlook commentedive added my comment to another thread ( see above **)
but like myself - people searching will find this thread as well