Hi!

We manage more webshops based on Commerce Kickstart. Now these sites are served with https.
We get error messages because the google fonts import using http requests.

"Mixed Content: The page at 'https://mywebshopname.hu' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,400ital...'. This request has been blocked; the content must be served over HTTPS."

The importing code lines:
@import url(//fonts.googleapis.com/css?family=Open+Sans:400,700,300,600,800);
@import url(//fonts.googleapis.com/css?family=Gentium+Basic:400,700);

The code lines are placed into more css files, for example:
/profiles/commerce_kickstart/themes/omega_kickstart/css/global.css
/profiles/commerce_kickstart/themes/omega_kickstart/css/omega-kickstart-alpha-default.css
/profiles/commerce_kickstart/themes/omega_kickstart/css/omega-kickstart-alpha-default-normal.css
/profiles/commerce_kickstart/themes/commerce_kickstart_theme/css/commerce-kickstart-style.css
/profiles/commerce_kickstart/themes/commerce_kickstart_theme/css/commerce-kickstart-theme-alpha-default.css

We solve the problem temporarily by comment out these lines in css files, and import fonts in our theme with https.

I downloaded the latest version of Commerce Kickstart (7.x-2.48), and I see that these code lines are the same.

I want to ask change these requests to https.

Thanks.

Comments

bata.laci created an issue. See original summary.

mglaman’s picture

mglaman
Primary language English
Location WI, USA
CreditAttribution: mglaman at Centarro commented

Looks like we need to patch omega_kickstart and the theme provided by the distro.

mglaman’s picture

mglaman
Primary language English
Location WI, USA
CreditAttribution: mglaman at Centarro commented
Project: Commerce Kickstart » Omega Kickstart
Version: 7.x-2.13 » 7.x-3.x-dev