ActiveCampaign Forum

Custom icons and images in messages break https sites


#1

Just been testing site messaging on my site which is https and it’s showing the page as insecure when AC pops up a message if I either have a custom icon or put custom image in the message.

It gives me the messages:

Loading mixed (insecure) display content “http://ianbrodie.img-us3.com/admin/ian1-socmed.jpg” on a secure page
Loading mixed (insecure) display content “http://ac-image.s3.amazonaws.com/5/6/1/7/5/home/admin/ian1-socmed.jpg” on a secure page

Presumably if you load the images without the http using the //ac-image… terminology it will load correctly either the https or http version based on the http status of the current page.

Ian


#2

@Ian_Brodie - Thanks Ian! We’ll take a look into this.


#3

Cool. I’m guessing it should be a relatively easy fix. But very important given how much emphasis Google and others are placing on sites going SSL.


#4

@tjahn

I have the same issue.

Can you please use HTTPS link when using image in forms or everywhere else in ActiveCampaign?

Why your amazon S3 (ac-image.s3.amazonaws.com) still using HTTP?

It breaks my HTTPS website and it seems that you didn’t change that since January 2017.

You just have to add “s” to your http links from amazon S3.

Thanks for considering a quick fast asap.


#5

still no https - in October 2018. AC still breaking websites.

ActiveCampaign PLEASE REACT!!!

We have business to do!

Thanks.


#6

still no https - in October 2018. AC still breaking websites.

ActiveCampaign WHEN WILL YOU TAKE THIS SERIOUS?

PLEASE REACT!!!

We have business to do!

Thanks.


#7

Hi @adhs, can you clarify what part of the platform you are referring to here? Any further details you can provide would be helpful honing in on this issue. Thanks!


#8

He shouldn’t have to. Somebody should do a global search/replace across every repo and fix any instances of “http://” that are found. I’d have to agree this is really bad to not have something so simple fixed.

If ALL your own servers don’t have proper SSL configured, then either fix them or hire somebody who can. If you don’t have or know anybody, contact me directly…I’m a 20+ year veteran SysAdmin and Programmer.