Flash Sale. Use code FLASHOCT18 at checkout for 40% Discount!!

logo-responsive
Welcome, Guest
Username: Password: Remember me

TOPIC: Suggestion: Auto-detecting HTTPS in templates

Suggestion: Auto-detecting HTTPS in templates 2 months 1 week ago #14644

  • icomex
  • icomex's Avatar
  • Offline
  • Fresh Boarder
  • Posts: 6
  • Karma: 0
I understand that with recent law changes in Europe, dynamically downloading fonts from Google's live servers has introduced some legal issues regarding disclosure and transparency, and I have seen your instructions about removing dependency on Google's font servers, and downloading Google's fonts to serve them locally. However, in the U.S. these changes aren't legally mandated (yet).

However, recent moves by Google and browser developers to encourage the use of https are still causing issues with many of our sites with Joomlage templates. A website hosted with https active can't display its lock icon if it loads content from a site which isn't https. Sometimes, the browsers even throw popup errors which scare visitors off. Every Joomlage template that I've used downloads fonts from Google without using https, even though those header tags are constructed on a php generated page. Since every one of those conflicts can delay the loading of the page, this can severely impact page load times.

Because of this, I am currently auditing every site we host which uses Joomlage templates, and implementing a simple set of fixes to a single joomlage file to avoid this delay (and bring back the lock icon.)

In each template, I locate the styles.php file ( "<template>/php/styles.php")
After the initial require or die line, I add the following code:
<?php 
    //  Template altered to automatically correct the protocol (2018-08-09)
    $protocol = ( $_SERVER['HTTPS'] )? 'https://': 'http://';
?>

Then I search for and replace every instance of "http://" which appears in a header link tag that follows my insert with
<?php echo $protocol ?>

The page now identifies if the site is using https and links to Google's https font URL if it is.

Would it be possible for you to include this fix in future templates (and to retrofit old templates, as time becomes available)?

Note: I have also found several templates which attempt to load "<template>/css/responsive-nav.css" and "<template>/css/responsive-nav-style.css", though they don't exist in those templates. This also slows page loads. I am removing them when necessary as part of the audit.

Thank you for all your hard work. It certainly makes our jobs easier.
The administrator has disabled public write access.

Suggestion: Auto-detecting HTTPS in templates 2 months 5 days ago #14655

  • JohnO
  • JohnO's Avatar
  • Offline
  • Administrator
  • Posts: 4939
  • Thank you received: 816
  • Karma: 95
Hello icomex,

Thank you for sharing your fix and pointing out the other issue.

Thanks,
JohnO
The administrator has disabled public write access.
Time to create page: 0.126 seconds
Powered by Kunena Forum

Use code   OCT18 at checkout

     October    

10% off Everything!