wpDiscuz - WordPress Comment Plugin
Share:
Notifications
Clear all

mixed insecure content


RomanArtemenko
Posts: 3
Topic starter
(@romanartemenko)
New Member
Joined: 1 year ago

After updating your plugin wpDiscuz v7, all the pages of my site that have comments are marked by browsers as pages with mixed insecure content.
If I deactivate your plugin, then this problem disappears.

2020 06 02 09 55 23
2020 06 02 09 59 04

"Parts of this page (such as images) are not protected."

An analysis of these pages showed that some elements of the comments plugin, such as rating stars and Bubble, have HTTP: // links

 

 "http://www.w3.org/2000/svg"

 

Topic Tags
5 Replies
Asti
Posts: 3852
 Asti
Support
(@asti)
Support member
Joined: 4 years ago

Hi @romanartemenko,

Thank you for leeting us know. We'll fix the issue in the next update. 

Reply
Tom
Posts: 447
 Tom
Support
(@tomson)
Support Team
Joined: 6 years ago

The http://www.w3.org/ is not a URL. This is a namespace XML: https://www.w3.org/2000/svg

Posted by: @romanartemenko

After updating your plugin wpDiscuz v7, all the pages of my site that have comments are marked by browsers as pages with mixed insecure content.

https://stackoverflow.com/questions/39974821/svg-creates-http-instead-https-on-non-absolute-url

As a matter of fact, this is not a security issue. However, we'll try to replace all SVG paths to https://in next update, so it should remove the SSL security message.

Reply
3 Replies
RomanArtemenko
(@romanartemenko)
Joined: 1 year ago

New Member
Posts: 3

@tomson

Thank.

Removing the cache and cookies in the browser did not solve the problem. I use the browsers Firefox, Google Chrome and Edge. Edge does not have this problem.

Reply
Tom
 Tom
Support
(@tomson)
Joined: 6 years ago

Support Team
Posts: 447

@romanartemenko,

You don't need to remove it. Just wait for the next update. It comes very soon.

Reply
RomanArtemenko
(@romanartemenko)
Joined: 1 year ago

New Member
Posts: 3

@tomson

Ok. Thank you!

Reply
Share: