开发者

CKEditor with SCAYT over HTTPS gives Security Warning

开发者 https://www.devze.com 2022-12-21 07:27 出处:网络
I\'ve got a CKEditor WYSIWYG text and HTML editor control on an HTTPS/SSL web page. I just today enabled the SCAYT (spell check as you type) feature and 开发者_JAVA技巧now see a Security Warning when

I've got a CKEditor WYSIWYG text and HTML editor control on an HTTPS/SSL web page. I just today enabled the SCAYT (spell check as you type) feature and 开发者_JAVA技巧now see a Security Warning when the page loads.

It seems to be caused by these four files:

  • http://svc.spellchecker.net/spellcheck31/lf/scayt/_base.xd.js
  • http://svc.spellchecker.net/spellcheck31/lf/scayt/nls/caption.xd.js
  • http://svc.spellchecker.net/spellcheck31/lf/scayt/lang_list.js
  • http://svc.spellchecker.net/spellcheck31/lf/scayt/resources/blank.gif

I found a Ticket #4065 for this issue. SpellChecker.net reportedly corrected the problem from their end 12 days ago.

Why do I still see the warning form my web site?

Clarification

Those file names don't appear anywhere in my source code.


The problem is resolved on SpellChecker.net side


Why do I still see the warning form my web site?

Probably because you are still making http requests from a https page - why that is, I don't know though, from the bug it looks like CKEditor will switch protocols automatically. You didn't hard-code those four addresses you list above?


You are getting the warning because the scripts are not being loaded via a ssl link (https) just regular http.

I tried fetching the first script manually via ssl in my browser, and it seems to work fine.

I don't have any direct experience with this component, but I assume those lines were automatically generated. If so, there should be a setting somewhere to enable ssl, or it should be auto-detected by the script.

If you added the lines manually then replace the http:// wth https://, then it should stop giving you the warning message.

0

精彩评论

暂无评论...
验证码 换一张
取 消