Force http iframes to use https when viewed in https projects

thexerteproject · Jan 25, 2018 · b91bc12 · b91bc12
1 parent e7b1194
commit b91bc12
Show file tree

Hide file tree

Showing 9 changed files with 76 additions and 42 deletions.
diff --git a/modules/decision/play.php b/modules/decision/play.php
@@ -56,7 +56,7 @@ function show_template($row_play)
     $page_content = str_replace("%TEMPLATEPATH%", $template_path_string, $page_content);
     $page_content = str_replace("%XMLPATH%", $string_for_flash, $page_content);
     $page_content = str_replace("%XMLFILE%", $string_for_flash_xml, $page_content);
-	$page_content = str_replace("%THEMEPATH%",$xerte_toolkits_site->site_url . "themes/" . $row_play['template_name'] . "/",$page_content);
+	$page_content = str_replace("%THEMEPATH%", "themes/" . $row_play['template_name'] . "/",$page_content);
     $page_content = str_replace("%MATHJAXPATH%", "https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/", $page_content);
 
     echo $page_content;

diff --git a/modules/decision/preview.php b/modules/decision/preview.php
@@ -60,7 +60,7 @@ function show_preview_code($row){
     $page_content = str_replace("%TEMPLATEPATH%", $template_path_string, $page_content);
     $page_content = str_replace("%XMLPATH%", $string_for_flash, $page_content);
     $page_content = str_replace("%XMLFILE%", $string_for_flash_xml, $page_content);
-	$page_content = str_replace("%THEMEPATH%",$xerte_toolkits_site->site_url . "themes/" . $row['template_name'] . "/",$page_content);
+	$page_content = str_replace("%THEMEPATH%", "themes/" . $row['template_name'] . "/",$page_content);
     $page_content = str_replace("%MATHJAXPATH%", "https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/", $page_content);
 
     echo $page_content;

diff --git a/modules/site/parent_templates/site/common/js/application.js b/modules/site/parent_templates/site/common/js/application.js
@@ -214,41 +214,7 @@ function setup(){
 			// show definition on hover
 			if ($(data).find('learningObject').attr('glossaryHover') == undefined || $(data).find('learningObject').attr('glossaryHover') == "true") {
 
-				// add link around all examples of glossary words in text
-				var insertText = function(node) {
-					var temp = document.createElement("pre");
-					temp.innerHTML = node;
-					var tempText = temp.innerHTML;
-
-					// check text for glossary words - if found replace with a link
-					if (glossary.length > 0) {
-						for (var k=0, len=glossary.length; k<len; k++) {
-							var regExp = new RegExp('(^|[\\s>]|&nbsp;)(' + glossary[k].word + ')([\\s\\.,!?:;<]|$|&nbsp;)', 'i');
-							tempText = tempText.replace(regExp, '$1{|{'+k+'::$2}|}$3');
-						}
-						for (var k=0, len=glossary.length; k<len; k++) {
-							var regExp = new RegExp('(^|[\\s>]|&nbsp;)(\\{\\|\\{' + k + '::(.*?)\\}\\|\\})([\\s\\.,!?:;<]|$|&nbsp;)', 'i');
-							tempText = tempText.replace(regExp, '$1<a class="glossary" href="#" def="' + glossary[k].definition.replace(/\"/g, "'") + '">$3</a>$4');
-						}
-					}
-
-					return tempText;
-				}
-
-				var checkForText = function(data) {
-					for (var i=0; i<data.length; i++) {
-						if (data[i].nodeName == 'text') {
-							if ($(data[i]).attr('disableGlossary') != 'true') {
-								data[i].childNodes[0].data = insertText(data[i].childNodes[0].data);
-							}
-
-						} else {
-							checkForText(data[i].childNodes);
-						}
-					}
-				}
-
-				checkForText($(data).find('page'));
+				x_checkForText($(data).find('page'), 'glossary');
 
 				// add events to control what happens when you rollover glossary words
 				$("body > .container")
@@ -333,6 +299,12 @@ function setup(){
 		}
 	}
 
+	// if project is being viewed as https then force any iframe src to be https too
+	if (window.location.protocol == "https:") {
+
+		x_checkForText($(data).find('page'), 'iframe');	
+
+	}	
 
 	if (window.location.pathname.substring(window.location.pathname.lastIndexOf("/") + 1, window.location.pathname.length).indexOf("preview") != -1 && $(data).find('learningObject').attr('authorSupport') == 'true' ) {
 
@@ -605,6 +577,49 @@ function setup(){
 	}, 2000);
 }
 
+// add link around all examples of glossary words in text
+function x_insertGlossaryText(node) {
+	var temp = document.createElement("pre");
+	temp.innerHTML = node;
+	var tempText = temp.innerHTML;
+
+	if (glossary.length > 0) {
+		for (var k=0, len=glossary.length; k<len; k++) {
+			var regExp = new RegExp('(^|[\\s>]|&nbsp;)(' + glossary[k].word + ')([\\s\\.,!?:;<]|$|&nbsp;)', 'i');
+			tempText = tempText.replace(regExp, '$1{|{'+k+'::$2}|}$3');
+		}
+		for (var k=0, len=glossary.length; k<len; k++) {
+			var regExp = new RegExp('(^|[\\s>]|&nbsp;)(\\{\\|\\{' + k + '::(.*?)\\}\\|\\})([\\s\\.,!?:;<]|$|&nbsp;)', 'i');
+			tempText = tempText.replace(regExp, '$1<a class="glossary" href="#" def="' + glossary[k].definition.replace(/\"/g, "'") + '">$3</a>$4');
+		}
+	}
+
+	return tempText;
+}
+
+// check through text nodes for text that needs replacing with something lese (e.g. glossary)
+function x_checkForText(data, type) {
+	for (var i=0; i<data.length; i++) {
+		if (data[i].nodeName == 'text') {
+			if (type == 'glossary') {
+				if ($(data[i]).attr('disableGlossary') != 'true') {
+					data[i].childNodes[0].data = x_insertGlossaryText(data[i].childNodes[0].data);
+				}
+			} else if (type == 'iframe') {
+				function changeProtocol(iframe) {
+					if (/src="http:/.test(iframe)){
+						iframe = iframe.replace(/src="http:/g, 'src="https:').replace(/src='http:/g, "src='https:");
+					}
+					return iframe;
+				}
+				data[i].childNodes[0].data = data[i].childNodes[0].data.replace(/(<iframe.*?>.*?<\/iframe>)/g, changeProtocol);
+			}
+
+		} else {
+			x_checkForText(data[i].childNodes, type);
+		}
+	}
+}
 
 // this is the format of links added through the wysiwyg editor button
 function x_navigateToPage(force, pageInfo) { // pageInfo = {type, ID}
@@ -919,7 +934,6 @@ function parseContent(pageIndex){
 	}
 }
 
-// ** issues with this when using themes & header property on page level
 function setHeaderFormat(header, headerPos, headerRepeat, headerColour, headerTextColour, level) {
 
 	// LO background settings will be overridden by individual page ones (& returned to LO settings if page contains no background properties)
@@ -1455,6 +1469,11 @@ function loadXotContent($this) {
 		}
 	}
 
+	// if project is being viewed as https then force iframe src to be https too
+	if (window.location.protocol == "https:" && xotLink.indexOf("http:") == 0) {
+		xotLink = "https:" + xotLink.substring(xotLink.indexOf("http:") + 5);
+	}
+
 	var warning = window.location.pathname.substring(window.location.pathname.lastIndexOf("/") + 1, window.location.pathname.length).indexOf("preview") != -1 && (xotLink.indexOf('preview_') != -1 || xotLink.indexOf('preview.php?') != -1) ? '<p class="alertMsg">' + (languageData.find("errorEmbed")[0] != undefined && languageData.find("errorEmbed")[0].getAttribute('label') != null ? languageData.find("errorEmbed")[0].getAttribute('label') : "You have embedded an XOT project preview. You must make the project public and embed the public facing URL.") + '</p>' : '',
 		xotWidth = $this.attr('width') != undefined && ($.isNumeric($this.attr('width')) || $.isNumeric($this.attr('width').split('%')[0])) ? $this.attr('width') : '100%',
 		xotHeight = $this.attr('height') != undefined && ($.isNumeric($this.attr('height')) || $.isNumeric($this.attr('height').split('%')[0])) ? $this.attr('height') : 600;

diff --git a/modules/site/play.php b/modules/site/play.php
@@ -59,7 +59,7 @@ function show_template($row_play){
     $page_content = str_replace("%TEMPLATEPATH%", $template_path_string, $page_content);
     $page_content = str_replace("%XMLPATH%", $string_for_flash, $page_content);
     $page_content = str_replace("%XMLFILE%", $string_for_flash_xml, $page_content);
-	$page_content = str_replace("%THEMEPATH%",$xerte_toolkits_site->site_url . "themes/" . $row_play['template_name'] . "/",$page_content);
+	$page_content = str_replace("%THEMEPATH%", "themes/" . $row_play['template_name'] . "/",$page_content);
 
     echo $page_content;
 

diff --git a/modules/site/preview.php b/modules/site/preview.php
@@ -60,7 +60,7 @@ function show_preview_code($row)
     $page_content = str_replace("%TEMPLATEPATH%", $template_path_string, $page_content);
     $page_content = str_replace("%XMLPATH%", $string_for_flash, $page_content);
     $page_content = str_replace("%XMLFILE%", $string_for_flash_xml, $page_content);
-	$page_content = str_replace("%THEMEPATH%",$xerte_toolkits_site->site_url . "themes/" . $row['template_name'] . "/",$page_content);
+	$page_content = str_replace("%THEMEPATH%", "themes/" . $row['template_name'] . "/",$page_content);
 
     echo $page_content;
 }
diff --git a/modules/xerte/parent_templates/Nottingham/common_html5/js/xenith.js b/modules/xerte/parent_templates/Nottingham/common_html5/js/xenith.js
@@ -2665,6 +2665,17 @@ function x_insertText(node, exclude) {
         }
     }
 
+	// if project is being viewed as https then force iframe src to be https too
+	if (window.location.protocol == "https:" && exclude.indexOf("iframe") == -1) {
+		function changeProtocol(iframe) {
+			if (/src="http:/.test(iframe)){
+				iframe = iframe.replace(/src="http:/g, 'src="https:').replace(/src='http:/g, "src='https:");
+			}
+			return iframe;
+		}
+		tempText = tempText.replace(/(<iframe.*?>.*?<\/iframe>)/g, changeProtocol);
+	}
+
     // check text for glossary words - if found replace with a link
     if (x_glossary.length > 0 && exclude.indexOf("glossary") == -1) {
         for (var k=0, len=x_glossary.length; k<len; k++) {

diff --git a/modules/xerte/parent_templates/Nottingham/models_html5/embedDiv.html b/modules/xerte/parent_templates/Nottingham/models_html5/embedDiv.html
@@ -67,6 +67,10 @@
 					$iFrameHolder.addClass("centre");
 				}
 			} else { // use iframe to load web page
+				// if project is being viewed as https then force iframe to be https too
+				if (window.location.protocol == "https:" && pageSrc.indexOf("http:") == 0) {
+					pageSrc = "https:" + pageSrc.substring(pageSrc.indexOf("http:") + 5);
+				}
 				var iFrameTag = '<iframe id="iFrame" src="' + pageSrc + '" width="100%" height="' + embedDiv.calcHeight() + '" frameBorder="0"></iframe>';
 				$iFrameHolder.html(iFrameTag);
 				$iFrameHolder.addClass("centerAlign");

diff --git a/modules/xerte/play.php b/modules/xerte/play.php
@@ -144,7 +144,7 @@ function show_template_page($row, $datafile="")
         $page_content = str_replace("%TEMPLATEPATH%", $template_path, $page_content);
         $page_content = str_replace("%XMLPATH%", $string_for_flash, $page_content);
         $page_content = str_replace("%XMLFILE%", $string_for_flash_xml, $page_content);
-        $page_content = str_replace("%THEMEPATH%",$xerte_toolkits_site->site_url . "themes/" . $row['template_name'] . "/",$page_content);
+        $page_content = str_replace("%THEMEPATH%", "themes/" . $row['template_name'] . "/",$page_content);
 
         // Handle offline variables
         $page_content = str_replace("%OFFLINESCRIPTS%", "", $page_content);

diff --git a/modules/xerte/preview.php b/modules/xerte/preview.php
@@ -171,7 +171,7 @@ function show_preview_code2($row, $row_username){
         $page_content = str_replace("%TEMPLATEPATH%", $template_path, $page_content);
         $page_content = str_replace("%XMLPATH%", $string_for_flash, $page_content);
         $page_content = str_replace("%XMLFILE%", $string_for_flash_xml, $page_content);
-        $page_content = str_replace("%THEMEPATH%",$xerte_toolkits_site->site_url . "themes/" . $row['template_name'] . "/",$page_content);
+        $page_content = str_replace("%THEMEPATH%", "themes/" . $row['template_name'] . "/",$page_content);
 
         // Handle offline variables
         $page_content = str_replace("%OFFLINESCRIPTS%", "", $page_content);