Non-secure assets

  • Resolved WraithKenny

    (@wraithkenny)


    7 years ago

    The All-in-One Event Calendar plugin seems to link in assets, JavaScript and Fonts, over non-secure urls (http instead of https). Modern browsers are disallowing those files to load. This means areas of the site are getting fatal JavaScript errors, disabling things in the admin from working correctly.

    This is a pretty egregious bug that can be fixed relatively easily.

Viewing 10 replies - 1 through 10 (of 10 total)
  • Sunny Lal

    (@sunny454)

    Hi @wraithkenny,

    This error has already been addressed and is often caused by external factors, such as insecure URLs in the event’s featured image, etc

    Try this:

    Navigate to Events > Theme Options > click the Save Settings button.
    Also, navigate to Events > Settings > click the Save Settings button.
    This will regenerate your CSS and javascript references.

    If that doesn’t work for you, can you provide your calendar URL so I can take a look?

    Thread Starter WraithKenny

    (@wraithkenny)

    This isn’t that. The plugin has hard coded urls to external resources that are loaded over https:// protocol.

    For example: Line 128 of class-ai1ec-events-controller.php

    wp_enqueue_script( ‘gmap_api’, ‘https://maps.google.com/maps/api/js?sensor=false&language=’ . $ai1ec_events_helper->get_lang() );

    No saving of settings will ever fix this. No external factors are to blame.

    Thread Starter WraithKenny

    (@wraithkenny)

    To be clear, you are enqueuing a javascript file on admin pages that will not load on sites running SSL. This causes a FATAL ERROR preventing all other javascript from properly running, breaking the admin.

    Sunny Lal

    (@sunny454)

    @wraithkenny, if that were the case, many thousands of other users would be affected. It’s not the case.

    Again, This error has already been addressed. In order to diagnose what’s causing it on your calendar, please open a support ticket by logging into your Timely account, or click here: https://dashboard.time.ly/account/get-help.

    Thread Starter WraithKenny

    (@wraithkenny)

    Because the file will not load over SSL, your javascript file references the google variable and breaks the javascript on the page, preventing the plugin from updating and saving data.

    16:20:13.093 ReferenceError: google is not defined[Learn More] add_new_event.js:473:7

    /wp-content/plugins/all-in-one-event-calendar/app/view/admin/js/add_new_event.js?ver=100.10

    Thread Starter WraithKenny

    (@wraithkenny)

    Nah, your plugin is garbage. I’ll fork it and fix it myself.

    Sunny Lal

    (@sunny454)

    @wraithkenny,

    To be clear, the plugin does not load any content without secure protocol unless it was originally setup with insecure protocol. The solution I provided in my first response corrects this issue.

    Thread Starter WraithKenny

    (@wraithkenny)

    .

    Thread Starter WraithKenny

    (@wraithkenny)

    Turns out an old employee sabotaged the plugin on his way out the door.

    I’m very sorry, there is nothing wrong with the plugin. It was a disgruntled employee. I apologize.

    Sunny Lal

    (@sunny454)

    @wraithkenny, Glad you were able to figure it out. No worries. Thanks also, for fixing the rating.

    Cheers

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Non-secure assets’ is closed to new replies.