Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
On HTTPS site, there is the following console message:
Mixed Content: The page at 'https://example.com' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato|Inconsolata|Merriweather:400,400italic,700,700italic&subset=latin,latin-ext'. This request has been blocked; the content must be served over HTTPS.
Error is caused by loading google font via insecure protocol. We need to change http://fonts.googleapis.com/ to //fonts.googleapis.com/. So it will load in secure protocol on HTTPS.
I will provide the patch file later.
Comment | File | Size | Author |
---|---|---|---|
#2 | 2747467-1.patch | 616 bytes | suryanto |
Comments
Comment #2
suryantoHere is the patch file. It should fix HTTPS mixed content issue.
Comment #3
bryanbraun CreditAttribution: bryanbraun commentedAwesome. Thanks for reporting the issue and submitting the patch. The change looks good to me. I don't have time tonight but I'll plan to commit this at my next available opportunity.
Comment #4
bryanbraun CreditAttribution: bryanbraun commentedI just remembered a post I once read calling protocol relative an anti-pattern: http://www.paulirish.com/2010/the-protocol-relative-url/
Changing it to https://, as recommended in the post should solve the mixed content issue, so I'll go ahead with that approach.
Comment #7
bryanbraun CreditAttribution: bryanbraun commentedCommitted fixes to 7.x-2.x and 8.x-2.x. Thanks for the help!
Comment #8
doktorrr CreditAttribution: doktorrr commentedHow to apply this patch? I get error: No such file or directory