Does not work on HTTPS sites

I recently upgraded a site from HTTP to HTTPS.

After the upgrade to HTTPS:

1. The contact form created by the [vCitaMeetingScheduler] appeared blank due to “mixed-content”.
2. The vCita settings pages within wp-admin (Edit Contact For, Edit Scheduling Calendar Widget, etc) appear blank (tested in Chrome).

This is because Chrome blocks “mixed content” by default. This can be seen in the Console in Chrome Developer Tools.

Workarounds:

1. User-facing forms: I’ve “fixed” the contact form issue by doing a search-replace in the wordpress database and changed https://wwww.vcita.com to https://www.vcita.com. (Hopefully, this will not revert back in 24-hours as reported by jeremybooze)

2. wp-admin screens: Since these screens are only accessed by admins, we are asking the admin to override Chrome’s default behavior and allow mixed-content when visiting the admin screens.

Issue:

Upon digging through the vCita plugin code, we can see https:// being hard-coded in the plugin. Here is a sampling:

./vcita-active-engage-edit.php:23: <iframe src=”https://&lt;?php echo VCITA_SERVER_BASE ?>/widget_implementations?platform=wordpress&widget=active_engage&key=<?php echo $key ?>” width=”100%” height=”100%”/>
./vcita-calendar-edit.php:22: <iframe src=”https://&lt;?php echo VCITA_SERVER_BASE ?>/widget_implementations?platform=wordpress&widget=scheduler&key=<?php echo $key ?>” width=”100%” height=”100%”/>
./vcita-contact-form-edit.php:22: <iframe src=”https://&lt;?php echo VCITA_SERVER_BASE ?>/widget_implementations?platform=wordpress&widget=contact_form&key=<?php echo $key ?>” width=”100%” height=”100%”/>
./vcita-sidebar-edit.php:22: <iframe src=”https://&lt;?php echo VCITA_SERVER_BASE ?>/widget_implementations?platform=wordpress&widget=sidebar&key=<?php echo $key ?>” width=”100%” height=”100%”/>

Suggested Solution:

Please consider using protocol-relative urls, or, since your URLs appear to be available over HTTPS, just use https:// everywhere.