Plugin freetag not compatible with HTTPS connections

Found a bug? Tell us!!
Post Reply
Manko10
Regular
Posts: 50
Joined: Sun Dec 26, 2010 4:58 pm

Plugin freetag not compatible with HTTPS connections

Post by Manko10 »

Hi,

the pluginfreetag is not compatible with HTTPS connections and causes mixed content in the backend.
In line 897 of the file seredenipty_event_freetag the following script tag is hardcoded:

Code: Select all

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js" type="text/javascript"></script>
This should be changed to

Code: Select all

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js" type="text/javascript"></script>
so that encrypted connections cannot be occupied by a MITM.
Top
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:
Contact garvinhicking

Re: Plugin freetag not compatible with HTTPS connections

Post by garvinhicking »

Hi!

Good catch, thanks. I just committed an update.

Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Top
Post Reply

Return to “Bugs”