Causes SSL Error

5 posts, 0 answers
  1. Marin Bratanov
    Admin
    Marin Bratanov avatar
    3595 posts

    Posted 08 Dec 2011 Link to this post

    Hello Cognitronic,

    These warnings arise because the scripts that the standard buttons load do not come via the https protocol but via the http protocol, as this is the link the social networks provide to obtain their scripts.

    I believe apart from a browser warning about security this should not affect the page.

    I am also logging the matter for research and we will check if it is possible to obtain the scripts via secure protocols, yet currently I cannot provide an estimate for this as it greatly depends on the options the networks offer. Please stay tuned and monitor the release notes for updates.


    Greetings,
    Marin
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now
  2. UI for ASP.NET Ajax is Ready for VS 2017
  3. Cognitronic
    Cognitronic avatar
    11 posts
    Member since:
    Sep 2012

    Posted 13 Dec 2011 Link to this post

    Yes, the page still works....it just X's out my ssl cert in the address bar and makes it appear to be unsecure....which is obviously not desirable!!  I will be looking forward to the fix...thank you!!
  4. Shaun Peet
    Shaun Peet avatar
    571 posts
    Member since:
    Aug 2004

    Posted 24 Dec 2011 Link to this post

    Hi Marin,

    The major networks (Facebook, Twitter, Google) provide both the SSL and non-SSL versions of their scripts at the same URL.  You guys should look into using protocol-relative URLs for all networks that provide both versions.

    So instead of using http://platform.twitter.com/widgets.js
    Just use //platform.twitter.com/widgets.js 

    That will immediately solve the problem for most of the good social networks, and for the others just keep using the full absolute URL like you are now.  It'll still break SSL for some cases, but not all.

    In the future, you should have a UseSSL property available for the control which would automatically disable any networks that don't provide that option (if there are any) and/or change the location of the script if needed (usually you don't).  And for the networks that have protocol-relative URLs nothing changes.

    Thanks,

    Shaun
  5. Svetlina Anati
    Admin
    Svetlina Anati avatar
    2795 posts

    Posted 27 Dec 2011 Link to this post

    Hello guys,

     We actually recently researched, improved and we are now testing the behavior of third party buttons when run under https. The problems were fixed except for the following:

    1) The facebook share button has some ssl problems which are out of our control and for which there is information on the net as well. However, in that case you could use Facebook Like which is actually designed by Facebook as an updated modern substitution of the old Share button and it will work fine.

    2) The Google + 1 button will still give a warning which is however caused by domains and not by different protocols. It also cannot be resolved but you can safely ignore it.

    Apart from that, the improved version of RadSocialShare regarding ssl will be available in the upcoming Service pack, which is scheduled around 5th of January, 2012. Once it is available, please test with it and the other issues (e.g with Twitter button) should not exist there.

    All the best,
    Svetlina Anati
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now
Back to Top
UI for ASP.NET Ajax is Ready for VS 2017