+- GetSimple Support Forum (http://get-simple.info/forums)
+-- Forum: GetSimple (http://get-simple.info/forums/forumdisplay.php?fid=3)
+--- Forum: Installation & Setup (http://get-simple.info/forums/forumdisplay.php?fid=5)
+--- Thread: https only for administration? (/showthread.php?tid=6285)
https only for administration? - mvlcek - 2014-05-20
It seems that GetSimple is ill fitted for using SSL for the administration only, e.g. if you access the administation with https:
- some resources (e.g. Javascript) are loaded using http, which exposes cookies, etc.
- inserting a (page/upload) link in a page will insert it with https (unless you manually change it)
- the flash uploader does not work, even if the certificate was added to the browser. It has to be disabled in gsconfig.php.
The first issue can easily be solved by using relative paths or omitting http(s): from the links.
Interestingly in GS 3.3.1 (without any plugins) the jquery-scrolltofixed.js is included multiple times:
Code:
<script src="http://www.glaube-gerechtigkeit.at/admin/template/js/fancybox/jquery.fancybox.pack.js?v=2.0.4"></script>
<script src="http://www.glaube-gerechtigkeit.at/admin/template/js/jquery-scrolltofixed.js?v=0.0.1"></script>
<script type="text/javascript" src="template/js/jquery-scrolltofixed.js?v=3.3.1"></script>
<script type="text/javascript" src="template/js/jquery.getsimple.js?v=3.3.1"></script>RE: https only for administration? - shawn_a - 2014-05-20
created issues, and found an old issue that was missing labels and milestones.
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/623
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/818
There was another issue closed about https and asset urls, I thought this was fixed, apparantly it just uses siteurl.
Thanks
RE: https only for administration? - shawn_a - 2014-05-20
Both of these have been addressed in hotfixes.
RE: https only for administration? - shawn_a - 2014-06-19
Uploadify won't be addressed we no longer use it.
have you had a chance to test this ?