Similar to #1357044: Mollom Statistics Page Breaks SSL, but this seems to be a different issue.

mollom_ssl.png

The specific error is

The page at [URL] displayed insecure content from http://mollom.com/site-manager/feed?key=nnnnnnnnn.
Files: 
CommentFileSizeAuthor
#3 mollom.protocol.3.patch495 byteseshta
PASSED: [[SimpleTest]]: [MySQL] 6,969 pass(es).
[ View ]
mollom_ssl.png182.9 KBgrendzy

Comments

Priority:Normal» Minor

Hm. The schema seems to be hard-coded in the .swf that is hosted on mollom.com; i.e., not part of the Mollom module.

I've reported this issue upstream. Will leave this issue open until the upstream issue is fixed.

Issue summary:View changes
Status:Active» Fixed

Thi has been fixed now. The swf will pull data from http or https depending on the protocol of the calling page.

Please re-open if you continue to see any ssl errors.

Status:Fixed» Needs review
Issue tags:+Needs backport to 6.x
StatusFileSize
new495 bytes
PASSED: [[SimpleTest]]: [MySQL] 6,969 pass(es).
[ View ]

Spoke too soon. In order to enable this we also need to enable javascript access from the SWF in order to utilize scripting to read the protocol from the url. I'm attaching a patch that addresses this.

Status:Needs review» Reviewed & tested by the community

Looks good to me.

Thanks - but the more I think of it. This doesn't have to be necessary. The module includes the swf from a secure domain already, there really isn't a reason to load the data from an insecure protocol other than a minimal speed gain. Perhaps the url for the feed should just always be secure.

Status:Reviewed & tested by the community» Fixed
Issue tags:-Needs backport to 6.x

This should be fixed based on some work done to the statistics SWF itself and no longer needs the patch. Since all modules include the SWF from the secure domain, the data is just pulled from the secure domain as well. Therefore no changes are needed to Flash permissions, etc.

Status:Fixed» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.