Right now Gigya is always using http://cdn.gigya.com as the protocol for gigya javascript that's added to the head of the page. On browsers like IE8 this can cause a warning about insecure content. I fixed this by modifying the url to use an SSL connection when necessary:

$uri_prefix =  $_SERVER['HTTPS'] == 'on' ? 'https' : 'http';
drupal_set_html_head('<script src="'. check_url(url("$uri_prefix://cdn.gigya.com/JS/gigya.js?services=socialize"))
...

Comments

jrust’s picture

I should mention that this doesn't completely resolve the problem, because IE8 reports that it has "blocked the website from displaying content with security certificate errors." But hopefully Gigya will renew their SSL certificate soon.

EvanDonovan’s picture

Title: Gigya causes "insecure content" warning on SSL pages » Gigya causes "insecure content" warning on SSL pages (SSL cert. for Gigya domain needs updated)
Version: 6.x-1.x-dev » 6.x-2.0

I assume this is still the case in the current version. Perhaps we should send itamar@gigya-inc.com or support@gigya-inc.com an email in re: the SSL certificate issue.

EvanDonovan’s picture

Title: Gigya causes "insecure content" warning on SSL pages (SSL cert. for Gigya domain needs updated) » Gigya causes "insecure content" warning on SSL pages: Needs patch to switch URL & protocol as needed
Version: 6.x-2.0 » 6.x-2.1

As per my conversation with Gigya tech support today, the URL should be cdns.gigya.com.

Since we use SSL on some pages also, I will try to roll a patch for this soon.

azinck’s picture

committed to dev

azinck’s picture

Status: Active » Fixed
EvanDonovan’s picture

azinck: Thanks!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.