Mixed content warnings in backoffice (Presta 1.6.0.9)

[robbie007]

We have some troubles with mixed content in backoffice.

 

We've setup a multistore. Domain is a sub-domain but has it's own SSL. Sites on the domain have SSL certificates as well.

 

Errors like these:

 

Mixed Content: The page at 'https://****/*****/index.php?controller=AdminDashboard&token=****' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.***/'. This request has been blocked; the content must be served over HTTPS.

 

Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check http://xhr.spec.whatwg.org/.

 

 

Hope you guys have some input for us.

 

 

[bellini13]

The error is saying that your website (which is secure), is trying to include content from an external website which is not secure.

 

So the questions you need to answer is...

1) what is the external website

2) why is your back office trying to include content from it

[lfcarvajal]

 

We have some troubles with mixed content in backoffice.

 

We've setup a multistore. Domain is a sub-domain but has it's own SSL. Sites on the domain have SSL certificates as well.

 

Errors like these:

 

http://www.***/'. This request has been blocked; the content must be served over HTTPS.

 

Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check http://xhr.spec.whatwg.org/.

 

 

 

 

Hope you guys have some input for us.

 

 Hello, you fix that? 

 

i have the same problem in multistore.

[tuk66]

HTTPS together with different domains can be a problem. I'm not sure if all PrestaShop multistore code is strictly "one domain".