Autoptimize breaking SSL

shaische
(@shaische)

9 years, 11 months ago

We have the latest autoptimize version 2.0.2 that we are using and it’s breaking our SSL, specifically, we have SSL enabled partially on our website, only on our checkout. Most of our site runs http and the checkout process runs off https.

Our website is hosted on wpengine and we established the SSL through them. I talked to them and they said it’s most likely a plugin causing it such as woo commerce. Talked to woo commerce support and they narrowed it down to this plugin causing it – Autoptimize. Here’s what woo commerce support said:

“It seems this is because of the way the JavaScript / CSS is being optimized by the autoptimize plugin. I had a quick look at the settings and you are using the following value for the CDN Base URL: http://23re3128oij2wuxh2nd3ndfi.wpengine.netdna-cdn.com”

The reason being is that 2 images on the checkout page are not loaded through SSL as I understand. The woo commerce support suggested we try adding https:// or just // in front of the CDN url we have saved in the plugin’s settings. But // is not possible as it won’t let me save it and adding https:// causes the website to break.

Any suggestions? Our website is deltaprintr.com. Because of this issue, the green lock on the url bar won’t show up during checkout, because the checkout is not fully loaded via SSL. This is what we’re trying to accomplish – to load the green lock during checkout.

You can see a picture of what images are not being loaded properly here: http://imgur.com/ZMLlq1t

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author Frank Goossens
(@futtta)

9 years, 11 months ago
hmm, you could use the autoptimize_filter_base_cdnurl filter to conditionally (when on checkout) change the protocol from http:// to https://

something like this (warning, I have not tested this! also assumption that your checkout-page has “/checkout” in the URL);
```
add_filter('autoptimize_filter_base_cdnurl','delaprintr_checkout_https');
function delaprintr_checkout_https($cdn_in) {
  if (strpos($_SERVER['REQUEST_URI'],'/checkout')!==false) {
    $cdn_out = str_replace('http:','https:',$cdn_in);
    return $cdn_out;
  } else {
    return $cdn_in;
  }
}
```
let me know if this helps (or if this does not work)!

frank
Plugin Author Frank Goossens
(@futtta)

9 years, 11 months ago

any luck testing this shaische?

Paul Hugel
(@paul-hugel)

9 years, 10 months ago

Please help I had to turn off Autoptimize
my site https://nko.org uses SSL on every page
I use wpengine and cloudflare free account

Broke Cloudflare’s Flexible SSL (mixed content) when I enabled Autoptimize (basic settings)
Optimize javascript code

When I looked at the Page Info under Media I see a
Type: GIF Image (background) Count (1)

Size: Unknown not cached

Dimensions:54px x 55px

location is listed as:

data:image/gif;base64,R0lGODlhNgA3APMAAP///0RERJubm1hYWE5OTuLi4oGBgeXl5dPT03h4eKmpqQAAAAAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCgAAACwAAAAANgA3AAAEzBDISau9OOvNu/9gKI5kaZ4lkhBEgqCnws6EApMITb93uOqsRC8EpA1Bxdnx8wMKl51ckXcsGFiGAkamsy0LA9pAe1EFqRbBYCAYXXUGk4DWJhZN4dlAlMSLRW80cSVzM3UgB3ksAwcnamwkB28GjVCWl5iZmpucnZ4cj4eWoRqFLKJHpgSoFIoEe5ausBeyl7UYqqw9uaVrukOkn8LDxMXGx8ibwY6+JLxydCO3JdMg1dJ/Is+E0SPLcs3Jnt/F28XXw+jC5uXh4u89EQAh+QQJCgAAACwAAAAANgA3AAAEzhDISau9OOvNu/9gKI5kaZ5oqhYGQRiFWhaD6w6xLLa2a+iiXg8YEtqIIF7vh/QcarbB4YJIuBKIpuTAM0wtCqNiJBgMBCaE0ZUFCXpoknWdCEFvpfURdCcM8noEIW82cSNzRnWDZoYjamttWhphQmOSHFVXkZecnZ6foKFujJdlZxqELo1AqQSrFH1/TbEZtLM9shetrzK7qKSSpryixMXGx8jJyifCKc1kcMzRIrYl1Xy4J9cfvibdIs/MwMue4cffxtvE6qLoxubk8ScRACH5BAkKAAAALAAAAAA2ADcAAATOEMhJq7046827/2AojmRpnmiqrqwwDAJbCkRNxLI42MSQ6zzfD0Sz4YYfFwyZKxhqhgJJeSQVdraBNFSsVUVPHsEAzJrEtnJNSELXRN2bKcwjw19f0QG7PjA7B2EGfn+FhoeIiYoSCAk1CQiLFQpoChlUQwhuBJEWcXkpjm4JF3w9P5tvFqZsLKkEF58/omiksXiZm52SlGKWkhONj7vAxcbHyMkTmCjMcDygRNAjrCfVaqcm11zTJrIjzt64yojhxd/G28XqwOjG5uTxJhEAIfkECQoAAAAsAAAAADYANwAABM0QyEmrvTjrzbv/YCiOZGmeaKqurDAMAlsKRE3EsjjYxJDrPN8PRLPhhh8XDMk0KY/OF5TIm4qKNWtnZxOWuDUvCNw7kcXJ6gl7Iz1T76Z8Tq/b7/i8qmCoGQoacT8FZ4AXbFopfTwEBhhnQ4w2j0GRkgQYiEOLPI6ZUkgHZwd6EweLBqSlq6ytricICTUJCKwKkgojgiMIlwS1VEYlspcJIZAkvjXHlcnKIZokxJLG0KAlvZfAebeMuUi7FbGz2z/Rq8jozavn7Nev8CsRACH5BAkKAAAALAAAAAA2ADcAAATLEMhJq7046827/2AojmRpnmiqrqwwDAJbCkRNxLI42MSQ6zzfD0Sz4YYfFwzJNCmPzheUyJuKijVrZ2cTlrg1LwjcO5HFyeoJeyM9U++mfE6v2+/4PD6O5F/YWiqAGWdIhRiHP4kWg0ONGH4/kXqUlZaXmJlMBQY1BgVuUicFZ6AhjyOdPAQGQF0mqzauYbCxBFdqJao8rVeiGQgJNQkIFwdnB0MKsQrGqgbJPwi2BMV5wrYJetQ129x62LHaedO21nnLq82VwcPnIhEAIfkECQoAAAAsAAAAADYANwAABMwQyEmrvTjrzbv/YCiOZGmeaKqurDAMAlsKRE3EsjjYxJDrPN8PRLPhhh8XDMk0KY/OF5TIm4qKNWtnZxOWuDUvCNw7kcXJ6gl7Iz1T76Z8Tq/b7/g8Po7kX9haKoAZZ0iFGIc/iRaDQ40Yfj+RepSVlpeYAAgJNQkIlgo8NQqUCKI2nzNSIpynBAkzaiCuNl9BIbQ1tl0hraewbrIfpq6pbqsioaKkFwUGNQYFSJudxhUFZ9KUz6IGlbTfrpXcPN6UB2cHlgfcBuqZKBEAIfkECQoAAAAsAAAAADYANwAABMwQyEmrvTjrzbv/YCiOZGmeaKqurDAMAlsKRE3EsjjYxJDrPN8PRLPhhh8XDMk0KY/OF5TIm4qKNWtnZxOWuDUvCNw7kcXJ6gl7Iz1T76Z8Tq/b7yJEopZA4CsKPDUKfxIIgjZ+P3EWe4gECYtqFo82P2cXlTWXQReOiJE5bFqHj4qiUhmBgoSFho59rrKztLVMBQY1BgWzBWe8UUsiuYIGTpMglSaYIcpfnSHEPMYzyB8HZwdrqSMHxAbath2MsqO0zLLorua05OLvJxEAIfkECQoAAAAsAAAAADYANwAABMwQyEmrvTjrzbv/YCiOZGmeaKqurDAMAlsKRE3EsjjYxJDrPN8PRLPhfohELYHQuGBDgIJXU0Q5CKqtOXsdP0otITHjfTtiW2lnE37StXUwFNaSScXaGZvm4r0jU1RWV1hhTIWJiouMjVcFBjUGBY4WBWw1A5RDT3sTkVQGnGYYaUOYPaVip3MXoDyiP3k3GAeoAwdRnRoHoAa5lcHCw8TFxscduyjKIrOeRKRAbSe3I9Um1yHOJ9sjzCbfyInhwt3E2cPo5dHF5OLvJREAOwAAAAAAAAAAAA==

Plugin Author Frank Goossens
(@futtta)

9 years, 10 months ago

not entirely sure what is happening there Paul; the image you copy/pasted cannot break SSL, because it isn’t requested but is embedded in the code. As it is embedded as a base64-encoded string, it does not have a URL and as such it is neither HTTP nor HTTPS.

I think the best way forward would be to re-enable AO for me to have a look, what do you think?

frank

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Autoptimize breaking SSL’ is closed to new replies.