SSL support for the AddThis widget

Speeddymon
(@speeddymon)

8 years, 4 months ago

Hi,

After reading an article on WIRED about how the Chrome team is going to start forcing more and more of the web to start using SSL, I decided to take the plunge and enable SSL on all of my domains. That includes one domain which uses SEO Ultimate.

Once I did that, I enforced SSL-based viewing in my apache config, and I visited my site to see what broke. I was pleasantly surprised to find only a few elements in my posts were insecure, and was able to modify all of the media in my posts to https relatively easily.

Unfortunately, I found that the AddThis part of the SEO Ultimate plugin does not check whether http or https is in use and instead always loads the insecure elements from the AddThis site (link)

While this element loads properly, it unfortunately forces the site to render with mixed content which prevent Chrome from displaying that lovely little green padlock.

The above link can be found in the SEO Ultimate code at seo-ultimate/modules/sharing-buttons/sharing-buttons.php line 25

It would be really fantastic if you could enforce that the plugin checks whether a site is using http or https and loads elements in the correct protocol.

Viewing 9 replies - 1 through 9 (of 9 total)

Plugin Author Jeffrey L. Smith
(@seo-design-solutions)

8 years, 4 months ago

Have you tried using the Miscellaneous module and selecting this option?

You could also disable the add this module to prevent it from being added to the site. We could look into revising the code for the PRO version, but, the FREE version is being discontinued shortly.

Best,

Jeffrey
Thread Starter Speeddymon
(@speeddymon)

8 years, 4 months ago
Hi Jeffrey,

I checked the Miscellaneous module based on your recommendation and enabled the option as recommended, however it is unfortunately still showing as the insecure link.

Is the pro version $29 one time, or is that recurring and how often is the recurring period?
I would like to see it fixed and am happy to spend $29 one time to get pro for life.
- This reply was modified 8 years, 4 months ago by Speeddymon. Reason: subscribe again
Plugin Author Jeffrey L. Smith
(@seo-design-solutions)

8 years, 4 months ago

Hey Speeddy:

We have a FAQ section on this page about the Pro version… Also, after looking at the code, I’m wondering if we should reach out to them as well to see if they can put that image [your link] on a secure page.

Let me know if you have any additional questions.

Best,

Jeffrey

Thread Starter Speeddymon
(@speeddymon)

8 years, 4 months ago

Thanks for the update.

From what I recall in my testing (not home so can’t test for another couple of hours) there is a secure version of the image available by substituting https://, as when I use the WordPress plugin “SSL Insecure Content Fixer” it loads properly in https and I get the padlock. It just seems the canonicalizer module isn’t changing it by itself.

I’d like to not have to use an extra plugin to fix a single link, which was why I was hoping to see it fixed here. Lol

Thanks again for the FAQ link, I’ll check it out.

Plugin Author Jeffrey L. Smith
(@seo-design-solutions)

8 years, 4 months ago

I’ve passed it along to dev to fix on PRO!

Thanks.

Best,

Jeffrey
reikiman
(@reikiman)

8 years ago
Your response is pretty ridiculous. This is not something which should require any PRO feature – but instead is a simple change in your code. Specifically the problem is here:

sharing-buttons.php: , 'addthis_code' => '<a href="http://addthis.com/bookmark.php?v=250"><img src="http://s7.addthis.com/static/btn/v2/lg-share-en.gif" width="125" height="16" alt="' . __('Bookmark and Share', 'seo-ultimate') . '" /></a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script>'

If instead of “http://” you simply had “//” then it would work perfectly in either HTTP or HTTPS conditions. Meaning that line should read:

sharing-buttons.php: , 'addthis_code' => '<a href="//addthis.com/bookmark.php?v=250"><img src="//s7.addthis.com/static/btn/v2/lg-share-en.gif" width="125" height="16" alt="' . __('Bookmark and Share', 'seo-ultimate') . '" /></a><script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js"></script>'
- This reply was modified 8 years ago by reikiman.
Plugin Author Jeffrey L. Smith
(@seo-design-solutions)

8 years ago
@reikiman:

Thanks for your response, however, I think you missed the part about the all updates happening on PRO and not FREE version.

We’ve invested hundreds of thousands on coding this plugin and offering it Free since 2008, and that’s no longer an option, so, if you want to tweak the free version on yours, by all means do so, we’ve simply changed the model.

And, if you like it, then support it with a license and we will gladly fix this and any other glitches you find…(since that module was added in 2010) before the https issue was a big deal.

Best,

Jeffrey Smith
- This reply was modified 8 years ago by Jeffrey L. Smith.
reikiman
(@reikiman)

8 years ago

Sorry – that’s the wrong answer.

Thread Starter Speeddymon
(@speeddymon)

8 years ago

@reikiman I have to politely disagree. Your tone on here is the wrong King of tone. You’re using a free product for which they have no obligation to provide support.

You have already demonstrated you have at least some proficiency with PHP. Either fix it yourself in the (no longer supported) free version, or fork the free version into an open source GitHub project and start providing support for it yourself.

Either way, as someone who has no knowledge of PHP, I appreciate their product enough that I bought a license, so please kindly get off my thread if you’re going to bed rude.

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘SSL support for the AddThis widget’ is closed to new replies.