Tagged: HTTPS secure upgrade
- June 6, 2016 at 11:12 AM #41421
The “Website” links are all being upgraded to HTTPS. Even though we’ve entered “http://someotherwebsite.com” into the Locations editor, they’re all displayed as https://someotherwebsite.com to the user. The remote sites do not support HTTPS, so the user ends up getting nothing, or worse, an SSL/TLS error.
This happens to all of SLP’s “Website” links only; the “Directions” links are left as insecure HTTP, as are other links on the site.June 6, 2016 at 1:12 PM #41430
Colin, could you update to ProPack 4.5 please. If you click on the locations website link does it redirect correctly… please let us know if updating to ProPack 4.5 helps I have not seen this particular issue before. I noticed when I visited the site link that you have a “Google My Maps” appear on that site, is it possible that is redirecting?
I have asked Lance about the website links. He will answer you in email, when he gets time, he has some paid customizations etc going on at the moment.June 6, 2016 at 5:00 PM #41441
Updating to ProPack 4.5 did not change anything. Clicking on the “Website” links still sends me to the external site over HTTPS, even when it shouldn’t.June 7, 2016 at 3:15 PM #41451
I spoke to the developer and he asked if we could see how and where you are entering it in the back end in the locations panel? As mentioned above I noticed you have another plugin called Google My Maps, so I have no idea if that is effecting the redirect, but when I brought this up at our meeting he said it will convert images to the same as sites directory path url (http toor https) where images are stored otherwise you will get error messages in your console about not loading resources but we never heard of this happening with SLP website links . Are you using Network Active Multisites? Something else is converting the site links, perhaps something in your theme or in your map plugin.
What does your SLP Results Layout look like for the attribute website links? For instance Mine is “slp_result_contact slp_result_website”>[slp_location web_link] , have you modified the SLP Plugin style using CSS by any chance?
I could not reproduce your situation. The steps I took to try and reproduce
1) . I added a brand new location randomly picked off the internet, that had an http not https. I added it and copied the link to PO Melvins exactly as it appeared in my browser.
2) updated and went back to my Locations and found PO Melvins, I hovered over the link.
I have attached what it looks like in the back end, and what it looks like on the front end.June 9, 2016 at 12:27 PM #41511
What is your website URL so we can see this in action on your site?
If you do not want to publish it here please email support @ storelocatorplus.com.June 9, 2016 at 12:58 PM #41514
I cannot reproduce this issue on any of the test systems running on an https:// protocol. The destination link remains with the original http:// protocol in the URL.
I’ve also tried this by specifying http://www.
.com and www. in the SLP location data for the website address. In either case the http protocol is used by default.
The ONLY way I can get the link in the location listing to come up as https is if I specify it as https.
There are ways within WordPress to force SSL URLs using WP hooks and filters. It may be that a non-SLP plugin is changing your URL processing rules and forcing https on ALL content including the JSONP response coming back from the WordPress AJAX processor. Hopefully that is not the case, but it appears that the problem may not be within the Store Locator Plus codebase.June 9, 2016 at 1:12 PM #41516
If it helps, I noticed a few things when analyzing this url:
1) Your location data does NOT specify the protocol.
For example: http://www.ourhandmademarket.com is the URL for Our Handmade Market.
If you enter http://www.ourhandmademarket.com in the URL field it should prevent mangling of the URL.
2) The SLP location processor uses the WordPress esc_url() function to get a proper web link from that URL field.
The function will NORMALLY always prepend http:// as the protocol. You can see the function reference and source here:
However any plugin/theme can change this a number of ways, the most common being via the ‘clean_url’ filter built into WordPress.
I am guessing that you have a plugin or theme component that is using clean_url to improperly apply the https:// protocol any time something on your site uses the esc_url() WordPress function.
Let us know if you need more assistance regarding this matter. Hopefully the above info will give you the insight you need to get this resolved.June 13, 2016 at 10:54 AM #41596
No, I’m entering URL’s with the scheme and they’re still being converted.
I don’t have any plugins called “Google My Maps” or “Network Active Multisites.”
The best I can tell, the CSS is not changing your Website links. However, the links are also mangled on the SLP administration pages, too.
Is there any way to check to see if anything is overriding the clean_url() or esc_url() functions, other than disabling plugins one at a time? This is a production site, so I’d like to avoid as much downtime as possible.June 22, 2016 at 3:23 PM #41746
There is nothing we can see on your site other than what you can see using Firefox or Chrome developer tools. There are other things running in the background. I have attached the error screen shot,
Do you or did you ever have the Old Store Pages add-0n with the old default page template? I saw something in the Results wrapper and page template referring to slp 4.2.1
Me using the basic Chrome developer “Inspect” console appears your theme.has error messages and appears to be using jquery 1.11 WP requires 1.12, (see last blog and WP support forums about WP 4.5 and jquery version updates.) somewhere you have this running on your WordPress site:
As far as your redirect message when you click on the website link shows this :
<body class=”page page-id-27 page-template-default responsive not-logged-in fiveserious yith-wcan-free shop-ribbon stretched-layout chrome google-font-open-sans yes_js”>
<div id=”fb-root” class=” fb_reset”><div style=”position: absolute; top: -10000px; height: 0px; width: 0px;”><div><iframe name=”fb_xdm_frame_https” frameborder=”0″ allowtransparency=”true” allowfullscreen=”true” scrolling=”no” id=”fb_xdm_frame_https” aria-hidden=”true” title=”Facebook Cross Domain Communication Frame” tabindex=”-1″ src=”https://staticxx.facebook.com/connect/xd_arbiter.php?version=42#channel=f258e9ce193730c&origin=https%3A%2F%2Fwww.thegraciousgourmet.com” style=”border: none;”>
If you need Lance to Troubleshoot your site (he doesn’t fix other developers bad themes) when he gets back in town please go through a Paid Support and add a ticket. I cannot delve into your admin and site any further than what is open to the public unfortunately.
- You must be logged in to reply to this topic.