Posted by: George L Smyth Oct 18 2018, 02:57 PM
The style sheet of https://www.dripinvesting.org/articles/default_test.asp is not loading.
Chrome's developer is telling me, "Mixed Content: The page at 'https://www.dripinvesting.org/articles/default_test.asp' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.dripinvesting.org/styles/styles.css'. This request has been blocked; the content must be served over HTTPS."
However, I am requesting it as such: "link href='https://dripinvesting.org/styles/styles.css' rel='stylesheet' media='only screen and (min-width: 250px)'"
This is the only call to the spreadsheet.
Any idea why the browser is thinking that I am requesting http and any idea how I might be able to fix this?
Thanks -
george
Posted by: George L Smyth Oct 18 2018, 03:31 PM
I fixed this by creating a relative path.
george
Posted by: Christian J Oct 18 2018, 05:17 PM
QUOTE(George L Smyth @ Oct 18 2018, 09:57 PM)
Chrome's developer is telling me, "Mixed Content: The page at 'https://www.dripinvesting.org/articles/default_test.asp' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.dripinvesting.org/styles/styles.css'. This request has been blocked; the content must be served over HTTPS."
Don't know if one should laugh or cry at Google/Chrome's idiocy (and hypocrisy --requiring connnections to be "secure" while nobody spies as much as Google itself). I choose this as a compromise:
QUOTE
However, I am requesting it as such: "link href='https://dripinvesting.org/styles/styles.css' rel='stylesheet' media='only screen and (min-width: 250px)'"
Seems https://dripinvesting.org/styles/styles.css redirects to http://www.dripinvesting.org/styles/styles.css for some reason (note the added www and lost https).
Posted by: pandy Oct 18 2018, 08:13 PM
Yeah. But this isn't limited to Chrome. It is how it works with SSL.
Posted by: Christian J Oct 19 2018, 04:53 AM
QUOTE(pandy @ Oct 19 2018, 03:13 AM)
Yeah. But this isn't limited to Chrome. It is how it works with SSL.
True, browsers have always warned about mixed content.
I was ranting about the new https://www.theregister.co.uk/2018/07/23/https_dday_google_chrome/, but maybe that's not the issue here after all.