Quantcast
Channel: AjaxControlToolkit Work Item Rss Feed
Viewing all articles
Browse latest Browse all 4356

Commented Unassigned: stylesheets (via CDN) not loaded via HTTPS [27780]

$
0
0
I have a fairly simple intranet-admin site on HTTPS.

__The stylesheets still load from HTTP (thus causing an "unsafe content" warning)__

When loading a page that contains both an AutoCompleteExtender and a CalendarExtender, the resulting page contains a reference to the HTTP (not HTTPS) CDN for the following stylesheets

```
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Backgrounds.css">
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Calendar.css">
```

Surely, these should either be using (href="https://ajax.aspnetcdn.com") or the automatic-prefix (href="//ajax.aspnetcdn.com")



Comments: It seems that the site had the following > <asp:ScriptManager runat="server" EnableCdn="true"> Changing the __"EnableCdn"__ setting to "false" proved a temporary workaround ... In addition to the __EnableCdn__ setting creating an __HTTP__ reference, there seems to be no obvious method to specifiy WHERE the files are loaded from (for example, if someone wanted to use a local network-resource, rather than _ajax.aspnetcdn.com_

Viewing all articles
Browse latest Browse all 4356

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>