0
Welcome Guest! Login
0 items Join Now

Web fonts causing 'insecure content' due to use of http://

Last Post
Search Topic
    • kourou's Avatar
    • kourou
    • Newbie
    • Posts: 5
    • Thanks: 1

    Web fonts causing 'insecure content' due to use of http://

    Posted 14 years 1 week ago
    • I've noticed that web fonts (Google fonts) are always called using http://, even if the page is served using https://. As a result browsers display errors (error varies by browser) on secure sites as the font represents 'insecure content'.

      This is easy to fix, I've modified:
      components/com_gantry/features/webfonts.php

      like so:
      <SNIP>
        $font_family = $gantry->get('font-family');
 
        // Added to setect whether to use HTTP or HTTPS:
        $mode = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
 
        // Only Google at this point
        if ($this->get('source') == "google" && in_array($font_family,$this->_google_fonts)) {
 
        // Modified to use the HTTP/HTTPS $mode defined earlier:
            $gantry->addStyle($mode.'://fonts.googleapis.com/css?family='.str_replace(" ","+",$font_family));
            $gantry->addInlineStyle("h1, h2 { font-family: '".$font_family."', 'Helvetica', arial, serif; }");
        }
<SNIP>

      However I am little surprised that I am finding this given Gantry has been around for ages, and I can't be the first person to use it on a secure site. Is this a regression or have I missed something somewhere else that should fix this in a better way?

      I'm using Gantry v3.1.11 - I saw a mention of 3.1.12 but my Joomla install is not yet telling me there is an update available. The template is Shiraz for Anahita.

      Obviously it would be good if any fix were in 3.1.12 so that updating doesn't bring the problem back.

    • The following users have thanked you: starterfirm

    #645277
    • Andy Miller's Avatar
    • Andy Miller
    • Preeminent Rocketeer
    • Posts: 9919
    • Thanks: 96
    • Web Kahuna

    Re: Web fonts causing 'insecure content' due to use of http://

    Posted 14 years 5 days ago
    • To be honest this has never come up, but we'll make sure this is updated for the next version of gantry. Your 'fix' looks good to me :)
    #646074
    • kourou's Avatar
    • kourou
    • Newbie
    • Posts: 5
    • Thanks: 1

    Re: Web fonts causing 'insecure content' due to use of http://

    Posted 13 years 11 months ago
    • Thanks Andy!

      It wasn't in 3.1.12 so I assume you mean .13?
    #648729

  • Re: Web fonts causing 'insecure content' due to use of http://

    Posted 10 years 6 months ago
    • Hi, I am having the same issue using the Rockettheme Hexeris Template.
      I am using Trebuchet MS, so I don't need a Google Font anyway.
      Can I turn this off somewhere? In which file would I find it?

      Thanks a lot,
      Chris
    #1139105
    • prim's Avatar
    • prim
    • Preeminent Rocketeer
    • Posts: 17290
    • Thanks: 217

    Re: Web fonts causing 'insecure content' due to use of http://

    Posted 10 years 6 months ago
    • Turn it off in the template settings.
    • Please reply with a direct link to the issue & create a new thread for each new issue.

      A template is only as good as the content that goes into it ;) - DanG
    #1139131

  • Re: Web fonts causing 'insecure content' due to use of http://

    Posted 10 years 6 months ago
    • Found it! thanks!
      Chris
    #1139149

Time to create page: 0.069 seconds