Switching a website from HTTP to HTTPS breaks HTML Compressor-combined files (Using CloudFlare)

[riseofweb]

I have recently moved from a http to https and the combined minified files are still being served at http and therefor not loading, because of broken security.
I switched the http to https in the website url general settings. I have been able to get everything to work except for the combined files still being served over http.

I of course have cleared the cache.

Is the web address stored somewhere, or do I need to delete some files?

[riseofweb]

Yes this is when using cdn cloudflare.

[raamdev]

@riseofweb Quick Cache will use whatever settings you've configured in WordPress. There is no special setting for HTTP vs HTTPS in Quick Cache.

If you cleared the cache, then future requests should be serving things over the correct URL. However, I'm wondering if something is getting cached in your browser or via CloudFlare.

Would you be able to share the URL to your site so I can see this happening for myself?

[riseofweb]

I have found a solution using "//" instead of https// or http://

I am using cloudflares flexable ssl
https://www.cloudflare.com/ssl

So the original server is not ssl but then cloud flare turns it into ssl.

at the end of the function:
protected function cache_dir_url

I added this before the return:

$url = str_ireplace("http://","//",str_ireplace("https://","//",$url));

And it fixed the http call that broke the ssl cert

I would recommend adding this as a check box somewhere in your plugin setting page.

Here is my website https://riseofweb.com

Thanks! I love your plugin.

[jaswrks]

@riseofweb

$url = str_ireplace("http://","//",str_ireplace("https://","//",$url));

This should not be necessary if your server environment is compatible with the WordPress is_ssl() function. Can you please confirm that you're not behind a load balancer? See: http://codex.wordpress.org/Function_Reference/is_ssl

If you are using a load balancer, have you made adjustments at the server level to make your environment compatible with the WordPress is_ssl() function?

[riseofweb]

I ran this inside of by wp theme footer.php file:
if (is_ssl()) {
echo 'true';
}

It echoed true...

My hosting is shared hosting at GoDaddy (Web - Deluxe - Linux)

My guess is the error with the http and https has to do with CloudFlare's Flexible SSL: There is an encrypted connection between your site visitors and CloudFlare, but not from CloudFlare to your server. You do not need an SSL certificate on your server.

[jaswrks]

Can you also run a test where you echo content_url() please?

[riseofweb]

returned
https://riseofweb.com/wp-content

[jaswrks]

@riseofweb Thank you. Hmm, this is not making sense to me yet.

@raamdev I think we need to run some tests of our own against CloudFlare to see what is actually going on here. If the current scheme returned by content_url() is https, all of the HTML Compressor resources should also be served over https also.

The HTMLC uses content_url() as a basis, and content_url() uses the current scheme. I'm guessing that CloudFlare is filtering content_url() somewhere late—perhaps in the shutdown phase.

[jaswrks]

Referencing: https://github.com/websharks/quick-cache-pro/blob/000000-dev/quick-cache-pro/includes/advanced-cache.tpl.php#L1384

[raamdev]

@jaswsinc writes...

I think we need to run some tests of our own against CloudFlare to see what is actually going on here.

Agreed. We've got a couple of related issues open regarding CloudFlare and Quick Cache: #22 and #348.

I'm going to mark this issue as needs testing as well and we'll try to get to this sooner rather than later.

---

@riseofweb Thanks so much for the report and for helping us with this! :-) If you're interested in helping us with beta testing, please sign-up to be a beta tester here.

[raamdev]

Related GitHub Issue

Noting here that there's another GitHub Issue (#348) related to this one. I'm closing the other GitHub issue in favor of this one.

[chrillep]

on what line in what file are you changing to
$url = str_ireplace("http://","//",str_ireplace("https://","//",$url)); ?

im having the same problem when i use combine...

[chrillep]

fyi
wp-content/plugins/zencache-pro/submodules/html-compressor/html-compressor/includes/core.php
line 2407
don't like fiddling with plugin code though, will break on updates

[riseofweb]

~ Line 2407 of
/wp-content/plugins/zencache-pro/submodules/html-compressor/html-compressor/includes/core.php
add:
$url = str_ireplace("http://","//",str_ireplace("https://","//",$url));

just before the line that has:
return ($this->cache[FUNCTION.'_'.$cache_key] = $url);

[raamdev]

@riseofweb @chrillep Thanks for your help and your patience on this issue. We finally identified an issue that we believe is related to the problem outlined here and we're releasing a fix in the next release of ZenCache Pro. If either of you are able to confirm that the next release fixes the issue for you, that would be great!

[raamdev]

Next Pro Release Changelog:

• Bug Fix: Fixed an SSL issue with the HTML Compressor that was causing problems in some hosting environments where the hosting server was incorrectly setting $_SERVER['REQUEST_SCHEME'] to http even when the WordPress Site URL and Home URL were set to use https://. As a result of this improper server configuration, the combined CSS/JS files generated by the HTML Compressor were being served over HTTP even when a site was configured to use HTTPS. This release applies a workaround for this improper server configuration that no longer looks at $_SERVER['REQUEST_SCHEME']. See Issue #413 and Issue #73.

[raamdev]

ZenCache Pro v151002 has been released and includes changes from this GitHub Issue.

See the ZenCache Pro v151002 release announcement for further details.

---

This issue will now be locked to further updates. If you have something to add related to this GitHub Issue, please open a new GitHub Issue and reference this one (#413).