tags:

views:

32

answers:

1
Q: 

Javascript redirect to SSL causing 'partially encrypted' error

My website's login uses AJAX to post the credentials. It then checks for an 'error/success' to be returned and then acts accordingly.

This has worked fine up until I wanted to add SSL.

Original code:

if (output == 'success')
   window.location=window.location;

Replacement code:

if (output == 'success')
   window.location=String(window.location).replace('http://', 'https://');

That redirects the user to the SSL'd page but it causes Firefox to present a content was partially encrypted error.

How can I use Javascript to redirect to the SSL'd page without giving a warning?

+1  A: 

Your code looks fine.

Usually the problem is that something (Javascript library, CSS file, image, etc) on an SSL page is not using SSL.

Use the Firebug "net" tab to examine everything loaded on the SSL page. Something is being referred to using http://

Larry K  2010-08-18 01:16:14
All GET requests on the SSL page show it pulling from HTTPS. No HTTP. If I manually refresh the page once it's loaded, it works fine.
Brad  2010-08-18 01:24:21
Here's a similar problem: http://forum.civicrm.org/index.php?topic=12063.0Try your pages in another browser. Is it FF specific?
Larry K  2010-08-18 01:37:56
Just tried it in Chrome and Internet Explorer. Chrome's URL bar lit up with no errors and IE lit up with the partially encrypted error. Firebug's net tab shows no HTTP content being loaded. The source of the page /does/ link to HTTP content (hyperlinks, no content being loaded) and the DOCTYPE and HTML XLMNS reference http:// but that shouldn't cause errors, right? :/
Brad  2010-08-18 01:48:13
Hmmm. Unfortunately no good idea offhand. I suggest you try some stepwise refinement. Eg start with an empty SSL destination page and keep adding your SSL page's content until you get the error. I agree that the doctype shouldn't matter. But you could try changing it just to be sure. Try some other things too: empty the FF cache; load the JS script using ssl on the first page. I'm puzzled that the GET on the https page works ok when direct but not when it's a redirect. Maybe try Fiddler to really see what's being requested--more reliable than the Firebug net tab in some cases.
Larry K  2010-08-18 03:00:33

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript