tags:

views:

497

answers:

5
+2  Q: 

Hosting YUI in SSL Site - IE Errors

I'm using YUI on my site. It works fine with no errors when you access over HTTP. However, when IE users access the site over HTTPS they get the dreaded "this page contains secure and nonsecure items" error message, which makes it really close to unusable.

I'm hosting the YUI files, so they're getting served up over HTTPS, but in the CSS file, it's referencing an image file over HTTP still which causes the IE error message to appear:

background:url(http://yui.yahooapis.com/2.7.0/build/assets/skins/sam/sprite.png)

Any suggestions for suppressing this error? There are a ton of HTTP links referenced in the CSS.

+1  A: 

You are going to have to change the links to go over HTTPS. I don't know if the YUI server at yahoo allows this (or you can host them yourself and redirect the css file to point to your server), but it's the only way to get rid of the message.

Kevin  2009-10-21 12:49:21
do you know if there's a utility to mirror every image that's referenced in a CSS file?
Dave  2009-10-21 12:54:19
+1  A: 

referencing assets from no secure urls is going to throw this warnings. SSL requires everything to be served from secure urls. Either host the files locally, or see if yahoo offers a secure option of the source files.

Aliixx  2009-10-21 12:51:16
A: 

Hosting everything on your side and using relative URLs are generally the best options for not facing any problems with SSL.

I suggest you download that file, host it on your side and not use any absolute (http or https) URLs.

Danny Maya  2009-10-21 14:45:28
+5  A: 

Go to http://developer.yahoo.com/yui/2/ & download the full developer kit, copy the build folder to wherever you want YUI to be hosted. Do a global search/replace in your YUI CSS for

http://yui.yahooapis.com/2.7.0/build/

and replace it with the path of the YUI build folder on your site. I'm assuming you grabbed the combined CSS from the YUI dependency tool & you don't need, so that's the easiest way to convert that.

Tivac  2009-10-21 15:00:22
grr - anyone know if a change was made in YUI 3 for this situation?
Simon_Weaver  2009-11-15 05:49:01
This requires that you use an absolute path to your YUI build folder - annoying if your site root is different in development and production.
Gabe Moothart  2010-07-09 18:46:32
Combining this answer with a previous one, you could search/replace `http://yui.yahooapis.com/2.7.0/build/` with the corresponding https google CDN
Gabe Moothart  2010-07-09 18:52:08
+3  A: 

If you wish to use hosted files, you can choose between Yahoo and Google Content Delivery Networks. Yahoo's network supports combo-handling; Google's supports SSL.

Check out the YUI Dependency Configurator

Select Google as your CDN and change the base url to https://

Tim Mays  2009-10-25 16:08:49
ha awesome. for anyone for whom this isnt obvious that quote comes from the yahoo page itself for YUI 2. no mention [yet] on YUI 3 page about using SSL either with or without google
Simon_Weaver  2009-11-15 05:54:00
A disadvantage to this is that Google doesn't support the rollup files that the Yahoo CDN uses. Also files are updated in Yahoo's CDN sooner than Google's.
Gabe Moothart  2010-07-09 18:44:06

related questions

Prevent Use of the Back Button (in IE)
How to stop IIS asking authentication for default website on localhost
Why do I cannot jQuery my page under Internet Explorer
How To Write a Plug-In for IE
Firefox vs. IE: innerHTML handling
Detect DOM modification in Internet Explorer
Good reasons for not letting the browser launch local applications
Printing DOM Changes
IE6 security login (debugging via VirtualPC)
What is your best tool or techniques for getting the same display on IE6/7 and Firefox?
IE 7+ Favorites
IE Securty Zone Issues
JavaScript Profiler in IE
IE6 - can't load a normal JPG
Opening Explorer shell with admin priveleges on XP (with IE7 installed)
Should we support IE6 anymore?
How do I add a pre tag inside a code tag with jQuery?
How can I get Unicode characters to display properly for the tooltip for the IMG ALT in IE7?
Weird event behavior in IE7
Firebug for IE
Debugging Javascript in Internet Explorer and Safari
IE6: To support or not to support.
Tabbed file browsing in Windows
Debugging: IE6 + SSL + AJAX + post form = 404 error
Javascript troubleshooting tools in IE