HighStock Charts not Working over SSL ie https - highcharts

I have a site which is a secure site means, it is accessed using https:// protocol.
This site has highchart on it.
The highchart was working perfectly when the protocol was http://.
But after installing secure certificate it failed to load in any browser.
I had imported the HighStock chart js as shown below.
Then I thought of changing the protocol for fetching the js from http:// to https:// as shown below
After this the chart started to render properly in internet explorer.
But the charts are still not loading in google Chrome,Firefox and Safari etc.
Can Anyone tell me the proper way to render/display HighStock chart over a site
that is accessed using https:// protocol.
also the export and print functionality should also work.
This is a very urgent requirement, so any sort of help would be appreciated.
Thanks in advance.
Regards
Soham Patel

I had the same problem and I solved it by removing the protocol (http:) by doing this:
<script src="//www.myserver.com/js/HighStock/js/highstock.js" type="text/javascript"></script>

Without any code to look at, it's hard to tell, but one option is that you are loading some things with http and others with https. Make sure that everything in the page is using https e.g. All loaded scripts, etc.

Related

rails 4.2.6 upgrade-insecure-requests CSP meta how to put in the head?

I have a Rails 4.2.6 application running. In some of my pages, I use iframe to put Google Map Embedded api to show maps of some locations. My whole website is https secured using letsencrypt. However the pages that use google map api always get a "Not Secure" warning from Chrome or Firefox. When I remove the google map iframes, the warning disappears.
I have googled a lot and there is a workaround in here using meta tag. The workaround is an HTML format, but I still don't know how to put the meta tag to my rails application. The keyword seems to be "upgrade-insecure-requests".
Please help, thank you .
Solved!
just put this line
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
in your main html file.
In my case, it is not application.html.erb, it's another file. After I put that line in my home page file, everything is working just fine now.

Rails 4.1 analytics and site verification

My site is in Rails 4.1.7 and is hosted in Ninefold.
I want to verify and add Google Analytics to it.
I tried uploading html file in public folder, no go.
I tried creating controller and route, didn't work.
I tried a couple of solutions that were supposed to do a workaround in turbolinks and added the analytics script to the footer. Didn't work
Any ideas?
I must add that in the first two solutions, the html / action were accessible through the browser call but not through external links (when you try to verify, it gives you a link in webmasters tools), which has led me to believe it's a csrf situation, where rails blocks incoming connections from other websites.
UPDATE: I have this solution live, analytics shows me some data but site verification still does not work.
UPDATE 2: Ok, i solved it. The problem was that i had stated the domain as domain.com in Ninefold and forgot about it, and then i was trying to verify www.domain.com in Google. Solved by adding the extra domain and verifying both of them.

How to contact Grails web maintainers?

This probably isn't the best place to post this question. I can't find any way of contacting the Grails.org web site maintainers. I've looked all over the web site and in "Community" but can't find what looks like the right thing. Can someone point me in the right directions please?
My problem is that the presentation for 1) What is Grails on https://grails.org/learn just results in an empty pop-up box. This happens on both Chrome and Firefox.
Thanks in advance.
Issues for the website can be filed at http://jira.grails.org/browse/WEBSITE
That is a flash presentation and the url you have opened uses SSL (secured channel) as a result it tries to block the flash content as unauthorized script.
In Chrome, make sure you load the script as an unsafe script (from the address bar) and you should be able to see the presentation. Same would be applicable for Firefox.

Mathjax not working in browser when hosted on Google Drive

This is first time I'm driving to use Mathjax, the maths is written in LaTeX, it works fine when I open the page locally, but when I host the same page on Google Drive, Mathjax no longer works, I only see the LaTeX code.
Here is the link to the webpage.
https://googledrive.com/host/0B6DfW2X25tuNck9yLTFSX2hiTEE/Group%20challenge%20Topic%206.html
And here is my code.
https://drive.google.com/folderview?id=0B6DfW2X25tuNck9yLTFSX2hiTEE&usp=sharing
I have tried everything, I'm using latest Chrome, so it shouldn't have any issues loading Mathjax
Since Google Drive is using a https:// URL, you need to load all your resources via https as well or you will get a security violation (check the browsers console for these). So that means you need to use an https: URL for MathJax. The MathJax CDN provides an alternate URL for that: https://c328740.ssl.cf1.rackcdn.com/. See the MathJax FAQ for details.

MVC Bundling with HTTPS IE7

I have successfully implemented MVC bundling for my MVC application. There is one problem with the run time which runs under HTTPS.
I am sure there is a problem because when I switch the debug field to false the user gets the warning message "This page contains secure and nonsecure items. Do you wish to proceed?
I know that I can turn this prompt off using the security setting in IE. I would like to know if there is something I can do to the application so that bundled scripts and styles come through the secure pipe.
If you use the Scripts.Render helper to include the bundle it will use the same HTTP scheme as the one used to request the main page. So if the main request was done over HTTPS then this helper will generate a <script> element using HTTPS. You could use the Net tab of FireBug to see which resources are served through HTTP and HTTPS and be able to isolate the problem.
Thank you for this suggestion. I figured out that the problem was coming from modernizr-1.7.js
The strange thing was that this problem only occurs when modernizr is bundled. I removed modernizr because we don't really need it.

Resources