CMS MADE SIMPLE FORGE

CMS Made Simple Core

 
Back Back to List

[#7223] MicroTiny filepicker fails with HTTPS admin

avatar
Created By: Fred Polizo (fredp)
Date Submitted: Tue Nov 22 01:01:47 -0500 2011

Assigned To: Robert Campbell (calguy1000)
Version: 1.10.2
CMSMS Version: 1.10.2
Severity: Major
Resolution: Fixed
State: Closed
Summary:
MicroTiny filepicker fails with HTTPS admin
Detailed Description:
I noticed that the MicroTiny filepicker fails to select files when
$config['admin_url'] is set to use the HTTPS protocol. I've included a list of
javascript errors reported, from the console of a Chrome 15.0.873.121 browser.
These resulted from using "Insert/Edit Image", but errors also occur when using
"Insert/Edit Link".

To reproduce:
1. Set config to use HTTPS for admin.
2. Login and go to  'Extensions » MicroTiny WYSIWYG editor'
3. Try to insert a link or image into the 'MicroTiny example'. 

Config info:
 $config['admin_url']='https://example.com/admin';
 $config['root_url'] =  'http://example.com';

Errors:
The page at about:blank displayed insecure content from
http://example.com/modules/MicroTiny/filepicker.php?_sx_=4de1f7ca&type=image.
--------------------------------------------------------------------------------
Unsafe JavaScript attempt to access frame with URL
https://example.com/admin/moduleinterface.php?_sx_=4de1f7ca&module=MicroTiny
from frame with URL
http://example.com/modules/MicroTiny/filepicker.php?_sx_=4de1f7ca&type=image.
Domains, protocols and ports must match.
--------------------------------------------------------------------------------
tiny_mce_popup.js: Uncaught TypeError: Cannot read property 'EditorManager' of
undefined
--------------------------------------------------------------------------------
The page at
https://example.com/admin/moduleinterface.php?_sx_=4de1f7ca&module=MicroTiny
displayed insecure content from
    http://example.com/modules/MicroTiny/images/dir.gif.
--------------------------------------------------------------------------------
The page at
https://example.com/admin/moduleinterface.php?_sx_=4de1f7ca&module=MicroTiny
displayed insecure content from
    http://example.com/uploads/images//thumb_logo1.gif.
--------------------------------------------------------------------------------
The page at
https://example.com/admin/moduleinterface.php?_sx_=4de1f7ca&module=MicroTiny
displayed insecure content from
    http://example.com/uploads/images//thumb_bg3.JPG.
--------------------------------------------------------------------------------
Unsafe JavaScript attempt to access frame with URL
http://example.com/modules/MicroTiny/filepicker.php?_sx_=4de1f7ca&type=image
from frame with URL
https://example.com/admin/moduleinterface.php?_sx_=4de1f7ca&module=MicroTiny.
Domains, protocols and ports must match.
--------------------------------------------------------------------------------


History

Comments
avatar 
Date: 2012-04-14 23:12
Posted By: Robert Campbell (calguy1000)

lemme guess... this is using IE?  IE is the only one that pukes this badly on
mixed (but perfectly valid) content.
avatar 
Date: 2012-04-14 23:26
Posted By: Robert Campbell (calguy1000)

fixed for CMSMS 1.11
avatar 
Date: 2012-04-15 02:15
Posted By: Fred Polizo (fredp)

Nope. I do all my work on linux and avoid IE whenever possible. 

From the  the bug report: "... javascript errors reported, from the console of a
Chrome 15.0.873.121 browser."

Thanks for the fix nonetheless.
avatar 
Date: 2012-08-02 07:29
Posted By: Rolf (rolf1)

CMSMS 1.11 is released
avatar 
Date: 2013-03-01 05:52
Posted By: Francesco (fmandia)

I've exatly the same issue and I'm using 1.11.4  "Fernandina"
How can I solve it?
Updates

Updated: 2012-08-02 07:29
state: Open => Closed

Updated: 2012-04-14 23:26
resolution_id: 5 => 7

Updated: 2012-04-14 15:42
resolution_id: => 5
assigned_to_id: 100 => 106