Thanks for you hard work here! I wanted to suggest simple fixes to prevent “Insecure Content” warning from browsers when loading pages via SSL.
The source of the issue is the url path definitions within wpcuf_insert_code() for All-In-One Cufon version 1.1.1. While the rest of the page is loaded via HTTPS, the cufon script and font files are still loading via HTTP.
The solution uses the plugins_url() function introduced in 2.6.0 which is aware of whether the page is loaded via HTTP or HTTPS:
Replace line 17:
$plugin = WP_PLUGIN_URL . '/' . plugin_basename(dirname(__file__));
$plugin = plugins_url(FALSE, __FILE__);
Replace line 18:
$cufon_font_location = WP_PLUGIN_URL . '/cufon-fonts';
$cufon_font_location = plugins_url() . '/cufon-fonts';
Replace line 34:
<?php wp_enqueue_script('font-' . $file, WP_PLUGIN_URL . '/cufon-fonts/' . $file );
<?php wp_enqueue_script('font-' . $file, $cufon_font_location . '/' . $file );
Replace line 39:
While I have not tested these changes with multisite enabled, I have verified that this works when WordPress is installed in a subdirectory as described here:
- The topic ‘[Plugin: All-In-One Cufon] SSL Support’ is closed to new replies.