WordPress.org

Ready to get started?Download WordPress

Forums

All-In-One Cufon
SSL Support (1 post)

  1. John LeBlanc
    Member
    Posted 2 years ago #

    Aloha Tom,

    Thanks for you hard work here! I wanted to suggest simple fixes to prevent "Insecure Content" warning from browsers when loading pages via SSL.

    The source of the issue is the url path definitions within wpcuf_insert_code() for All-In-One Cufon version 1.1.1. While the rest of the page is loaded via HTTPS, the cufon script and font files are still loading via HTTP.

    The solution uses the plugins_url() function introduced in 2.6.0 which is aware of whether the page is loaded via HTTP or HTTPS:
    http://codex.wordpress.org/Function_Reference/plugins_url

    Replace line 17:
    $plugin = WP_PLUGIN_URL . '/' . plugin_basename(dirname(__file__));
    with:
    $plugin = plugins_url(FALSE, __FILE__);

    Replace line 18:
    $cufon_font_location = WP_PLUGIN_URL . '/cufon-fonts';
    with:
    $cufon_font_location = plugins_url() . '/cufon-fonts';

    Replace line 34:
    <?php wp_enqueue_script('font-' . $file, WP_PLUGIN_URL . '/cufon-fonts/' . $file );
    with:
    <?php wp_enqueue_script('font-' . $file, $cufon_font_location . '/' . $file );

    Replace line 39:
    <script src="<?php echo WP_PLUGIN_URL; ?>/cufon-fonts/<?php echo $file; ?>" type="text/javascript"></script>
    with:
    <script src="<?php echo $cufon_font_location . '/' . $file; ?>" type="text/javascript"></script>

    While I have not tested these changes with multisite enabled, I have verified that this works when WordPress is installed in a subdirectory as described here:
    http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory

    Aloha!
    John

    http://wordpress.org/extend/plugins/all-in-one-cufon/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic