Details
-
Type:
Bug
-
Status: Done/Fixed
-
Priority:
Minor
-
Resolution: Won't Fix
-
Affects Version/s: 3.3.0
-
Fix Version/s: 4.3.0
-
Component/s: Core CiviCRM
-
Labels:None
Description
The Forced SSL setting (under admin, config, global settings, resource urls) does not seem to work on organization logo images uploaded and displayed in the organization profile, causing a popup warning for "mixed content" in an IE browser as the call for the logo image file is prefixed with http:// rather than https:// as follows:
logo image call:
http://our.domain.org/sites/default/files/civicrm/custom/logo.gif
web page trying to call the logo image:
https://our.domain.org/civicrm/contact/view?reset=1&cid=3
thus yielding the popup warning in the IE browser:
"Do you want to view only the webcontent that was delivered securely?
This page contains content that will not be delivered
using a secure HTTPS connection which could compromise
the security of the entire web page."
We're running: (simple install, nothing unusual)
CIVICRM 3.3.0 on DRUPAL 6.19 with MYSQL 5.1.8 with PHP 5.2.14
with an SSL Certificate (https prefix, not shared)
with Forced SSL & https:// in the "Resource URL" global configuration settings