{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 一纸荒年 Trace。 的问题《https and http combined .htaccess》','https://www.manongdao.com/q-710351.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I've got the follow problem.
I have a website and for the directories /members and /admin I have a .htaccess which forces these URLs to go to https:// All other URLs are forced to go to normal https://
Now, for /members which is https:// I have in the pages a reference to /js/script.js which in imported into the page, but ofcourse this directory /js is forced to normal http:// while the page is displayed in https://
Internet Explorer users are shown a popup if they want to view non-secure content in the secure page, if they click yes, it's ok. If they click no, then the javascript doesn't work.
The /js is used in the normal http:// website and also in the /members secure website. This also is the case for the /images directory
So i'm not sure how to solve this problem. Other than say that /js and /images can be https or http. But I have no clue on how to configure this in the htaccess file.
Any help would be much appreciated!
This is the htaccess file I use now :
#Turn SSL on everything, except members and admin
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} ^(/members|/admin)
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Turn SSL off everything, except members and admin
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^(/members|/admin)
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
There are quite a few approaches. Here are just a few.
Number 1. Add this before your rules:
The rule above will leave protocol as is for ALL css/js/image files (anywhere on a site)
Number 2. Add this before your rules:
The rule above will leave protocol as is for ALL files in css/js/image folders (e.g.
example.com/js/main.js,example.com/images/logo.pngor evenexample.com/js/compress.phpIf you want -- you can combine them into single rule (to be more specific) -- but that is unnecessary (from my point of view).
In your images and js directories create their own .htacess file with the following in it:-
This will turn off writes for all files in that folder.
In your html do not specify the domain on the links so do
/js/myscript.jsinstead ofhttp://mydomain.com/js/myscript.jsthis way it will just inherit the same protocol as the page they are viewing it on.I faced the same issue an year back. Was able to arrive at a conclusion on my own finally.
Check out my question and answer htaccess (https to http)