Strange Menu JS / SSL Conflict

Chad_Abizeid · November 12, 2014, 4:51pm

Having this strange SSL error at https://www.logicweb.com/billing/clientarea.php (and during ordering process)

It was giving off an SSL “insecure elements” error.

I found the culprit that causes the SSL to be “partially” secured is because of this JS file

<script src="/js/custom.js"></script> <!-- Custom Js file for javascript in html -->

I had to remove that for now. The content of that file is below. I cannot figure out what’s in that file that is causing this.

http://snippi.com/s/lmtnx5n

I traced the cause from the custom.js file and had to remove it to make sure SSL is fully secured.

This portion…

// Navigational Menu ddsmoothmenu
ddsmoothmenu.init({
    mainmenuid: "menu", //menu DIV id
    orientation: 'h', //Horizontal or vertical menu: Set to "h" or "v"
    classname: 'navigation', //class added to menu's outer DIV
    contentsource: "markup" //"markup" or ["container_id", "path_to_menu_file"]
})

As soon as I change “menu"to something else like “menus”, it fixes the SSL problem, but breaks the menu itself site-wide. Not sure what to do from here to resolve this both ways. I’m baffled why that small code is causing a 'partially secured” error.

Would appreciate anyone’s help on this. Thank you.

WolfShade · November 12, 2014, 5:59pm

Unless I miss my guess, if the site is going through https, then the source for the .js file should also be through https. Instead of using a relative path, use the full FQDN path including https for the .js (and any other) file(s) - .css, images, everything.

HTH,

Chad_Abizeid · November 12, 2014, 8:43pm

Hi,

Thanks for your reply. I did forget to mention that I already tried that method as well, full path with https. Didn’t resolve the problem unfortunately. Kind of baffled about this.

WolfShade · November 12, 2014, 8:48pm

Are you absolutely sure that you put the full https path on EVERYTHING that is/was using a relative path? All it takes is one include/image that isn’t using https to trigger that notice.

Chad_Abizeid · November 12, 2014, 9:10pm

Yes, 100% sure. Header, footer, everything.

It’s that one tidbit menu code in js.

If I change the menu ID to something else, like menud or menu-s, it’ll fix that issue but break the menu layout globally due to the heavy code content for this menu itself, using “menu” as the ID.

oddz · November 12, 2014, 10:29pm

Well that doesn’t really tell you much considering the smooth menu code probably isn’t executing without valid DOM target. So that leaves you with something in the smooth menu script.

The first thing I would do is look around google to see if anyone else has had the same problem with that script.

Ex.
http://www.dynamicdrive.com/forums/archive/index.php/t-67439.html

felgall · November 13, 2014, 1:09am

Check the code inside of ddsmoothmenu and you will probably find a reference to a file in there that is using http:// instead of https://

Chad_Abizeid · November 13, 2014, 1:53am

Thank you @felgall

This is the entire ddsmothmenu js file, nothing in their about http related paths

/* Smooth Navigational Menu- By Dynamic Drive DHTML code library: http://www.dynamicdrive.com
   Script Download/ instructions page: http://www.dynamicdrive.com/dynamicindex1/ddlevelsmenu/
*/
var ddsmoothmenu={arrowimages:{down:["downarrowclass","",0],right:["rightarrowclass","images/icons/right.png"]},transition:{overtime:300,outtime:300},shadow:{enable:false,offsetx:5,offsety:5},showhidedelay:{showdelay:200,hidedelay:200},detectwebkit:navigator.userAgent.toLowerCase().indexOf("applewebkit")!=-1,detectie6:document.all&&!window.XMLHttpRequest,css3support:window.msPerformance||!document.all&&document.querySelector,ismobile:navigator.userAgent.match(/(iPad)|(iPhone)|(iPod)|(android)|(webOS)/i)!=null,getajaxmenu:function(e,t){var n=e("#"+t.contentsource[0]);n.html("Loading Menu...");e.ajax({url:t.contentsource[1],async:true,error:function(e){n.html("Error fetching content. Server Response: "+e.responseText)},success:function(r){n.html(r);ddsmoothmenu.buildmenu(e,t)}})},buildmenu:function(e,t){var n=ddsmoothmenu;var r=e("#"+t.mainmenuid+">ul");r.parent().get(0).className=t.classname||"ddsmoothmenu";var i=r.find("ul").parent();i.hover(function(t){e(this).children("a:eq(0)").addClass("noborder selected")},function(t){e(this).children("a:eq(0)").removeClass("noborder selected")});i.each(function(r){var i=e(this).css({zIndex:100-r});var s=e(this).find("ul:eq(0)").css({display:"block"});s.data("timers",{});this._dimensions={w:this.offsetWidth,h:this.offsetHeight,subulw:s.outerWidth(),subulh:s.outerHeight()};this.istopheader=i.parents("ul").length==1?true:false;s.css({top:this.istopheader&&t.orientation!="v"?this._dimensions.h+"px":0});i.children("a:eq(0)").css(this.istopheader?{}:{}).append('<img src="'+(this.istopheader&&t.orientation!="v"?n.arrowimages.down[1]:n.arrowimages.right[1])+'" class="'+(this.istopheader&&t.orientation!="v"?n.arrowimages.down[0]:n.arrowimages.right[0])+'" style="border:0;" />');if(n.shadow.enable&&!n.css3support){this._shadowoffset={x:this.istopheader?s.offset().left+n.shadow.offsetx:this._dimensions.w,y:this.istopheader?s.offset().top+n.shadow.offsety:i.position().top};if(this.istopheader)$parentshadow=e(document.body);else{var o=i.parents("li:eq(0)");$parentshadow=o.get(0).$shadow}this.$shadow=e('<div class="ddshadow'+(this.istopheader?" toplevelshadow":"")+'"></div>').prependTo($parentshadow).css({left:this._shadowoffset.x+"px",top:this._shadowoffset.y+"px"})}i.hover(function(r){var o=s;var u=i.get(0);clearTimeout(o.data("timers").hidetimer);o.data("timers").showtimer=setTimeout(function(){u._offsets={left:i.offset().left,top:i.offset().top};var r=u.istopheader&&t.orientation!="v"?0:u._dimensions.w;r=u._offsets.left+r+u._dimensions.subulw>e(window).width()?u.istopheader&&t.orientation!="v"?-u._dimensions.subulw+u._dimensions.w:-u._dimensions.w:r;if(o.queue().length<=1){o.css({left:r+"px",width:u._dimensions.subulw+"px"}).animate({height:"show",opacity:"show"},ddsmoothmenu.transition.overtime);if(n.shadow.enable&&!n.css3support){var s=u.istopheader?o.offset().left+ddsmoothmenu.shadow.offsetx:r;var a=u.istopheader?o.offset().top+n.shadow.offsety:u._shadowoffset.y;if(!u.istopheader&&ddsmoothmenu.detectwebkit){u.$shadow.css({opacity:1})}u.$shadow.css({overflow:"",width:u._dimensions.subulw+"px",left:s+"px",top:a+"px"}).animate({height:u._dimensions.subulh+"px"},ddsmoothmenu.transition.overtime)}}},ddsmoothmenu.showhidedelay.showdelay)},function(e){var t=s;var r=i.get(0);clearTimeout(t.data("timers").showtimer);t.data("timers").hidetimer=setTimeout(function(){t.animate({height:"hide",opacity:"hide"},ddsmoothmenu.transition.outtime);if(n.shadow.enable&&!n.css3support){if(ddsmoothmenu.detectwebkit){r.$shadow.children("div:eq(0)").css({opacity:0})}r.$shadow.css({overflow:"hidden"}).animate({height:0},ddsmoothmenu.transition.outtime)}},ddsmoothmenu.showhidedelay.hidedelay)})});if(n.shadow.enable&&n.css3support){var s=e("#"+t.mainmenuid+" ul li ul");var o=parseInt(n.shadow.offsetx)+"px "+parseInt(n.shadow.offsety)+"px 5px #aaa";var u=["boxShadow","MozBoxShadow","WebkitBoxShadow","MsBoxShadow"];for(var a=0;a<u.length;a++){s.css(u[a],o)}}r.find("ul").css({display:"none",visibility:"visible"})},init:function(e){if(typeof e.customtheme=="object"&&e.customtheme.length==2){var t="#"+e.mainmenuid;var n=e.orientation=="v"?t:t+", "+t;document.write('<style type="text/css">\n'+n+" ul li a {background:"+e.customtheme[0]+";}\n"+t+" ul li a:hover {background:"+e.customtheme[1]+";}\n"+"</style>")}this.shadow.enable=document.all&&!window.XMLHttpRequest?false:this.shadow.enable;jQuery(document).ready(function(t){if(typeof e.contentsource=="object"){ddsmoothmenu.getajaxmenu(t,e)}else{ddsmoothmenu.buildmenu(t,e)}})}}

Chad_Abizeid · November 13, 2014, 9:00pm

Just curious if anyone might have an idea about this? It’s really strange and I’m still trying to trace the cause.

Thank you in advance.

WolfShade · November 13, 2014, 9:43pm

Near the very beginning:

right:[“rightarrowclass”,“images/icons/right.png”]

This isn’t referencing https://. I didn’t look for more, but there may be.

HTH,

Chad_Abizeid · November 13, 2014, 10:42pm

Thanks. Tried even with full path (https), didn’t solve it.

Mittineague · November 13, 2014, 10:49pm

I’m still seeing 25 http:'s in the mark-up.
What am I missing here?

Chad_Abizeid · November 13, 2014, 11:04pm

Those are all page links

a href="http:

That doesn’t affect the SSL issue.

James_Hibbard · November 14, 2014, 10:40am

Can you post a link where we can see this?
I visited the link from post#1 but that seemed to work as intended (I didn’t get a SSL “insecure elements” error), so I guess you removed something.

Chad_Abizeid · November 14, 2014, 2:01pm

I found the culprit, FYI in case someone else faces this problem

In the ddsmoothmenu.js file, this line

var ddsmoothmenu={arrowimages:{down:["downarrowclass","",0]

Changed to

var ddsmoothmenu={arrowimages:{down:["downarrowclass"]

SSL good, menu still working as is.

system · February 13, 2015, 9:08pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.