User Tools

Site Tools


Sidebar

jtrackgallery.net
J!TrackGallery J!2.5 demo J!TrackGallery forum J!TrackGallery GitHub







manual:config:secure-http

This is an old revision of the document!


Secure HTTP

Sometime you may need secure access to your website: https://www.yireo.com/tutorials/joomla/joomla-administration/1506-dealing-with-ssl-mixed-content-in-joomla. This may concern the whole website, or only some pages. As an example, this is recommended for pages containing a login form.

Using non secured URL with secured content

By default, most website use non secured (http:\/\/) URL. However if one page has a login form, Mozilla will complain saying that: Password fields present on an insecure (http:\/\/) page. This is a security risk that allows user login credentials to be stolen. (see https://developer.mozilla.org/en-US/docs/Web/Security/Insecure_passwords)

The solution is to use secured (https) URL for all contents (all included css, js….) However if one content is not available as secured (in our case Hike and Bike maps URL are not secured) , the non secured content is loaded instead and the browser also complains about security issue.

In both cases, a warning massage is issued by the browser at least the first time the page is browsed. In most browsers, you can bypass the warning message by granting permissions to the corresponding website, or saying this website is a trusted website.

JTrackGallery and HTTPS

IN order to create as less issue or warning when browsing a page with J!TrackGallery:

manual/config/secure-http.1506013357.txt.gz · Last modified: 2017/09/21 19:02 by cseguinot