totallytech Posted May 10, 2014 Share Posted May 10, 2014 Hi Guys, I've got a php script which has a standard header... the css fails to load though. My site is https://www.site1.com and the css is located on http://www.site2.com my css code is: <link rel="stylesheet" href="http://site2.com/style.css" type="text/css" media="screen" /> but for some reason it seems to fail.... Any ideas? Quote Link to comment https://forums.phpfreaks.com/topic/288390-my-script-fails-to-load-css-from-https-can-anyone-suggest-workaround/ Share on other sites More sharing options...
Jacques1 Posted May 10, 2014 Share Posted May 10, 2014 Hi, loading HTTP content on an HTTPS site is rather silly, because this gives an attacker the opportunity to jump in and potentially subvert the entire security of HTTPS. Is there any reason why you can't use HTTPS on your other site? Quote Link to comment https://forums.phpfreaks.com/topic/288390-my-script-fails-to-load-css-from-https-can-anyone-suggest-workaround/#findComment-1479023 Share on other sites More sharing options...
davidannis Posted May 11, 2014 Share Posted May 11, 2014 Is there any reason why you can't use HTTPS on your other site? Or, just copy the css files to site1? Quote Link to comment https://forums.phpfreaks.com/topic/288390-my-script-fails-to-load-css-from-https-can-anyone-suggest-workaround/#findComment-1479043 Share on other sites More sharing options...
Jacques1 Posted May 11, 2014 Share Posted May 11, 2014 No. Keeping scripts and static files on separate domains is a wise decision, because there's absolutely no reason to have the client send their entire set of PHP-related cookies to every single CSS file, image or whatever. Quote Link to comment https://forums.phpfreaks.com/topic/288390-my-script-fails-to-load-css-from-https-can-anyone-suggest-workaround/#findComment-1479049 Share on other sites More sharing options...
davidannis Posted May 11, 2014 Share Posted May 11, 2014 (edited) No. Keeping scripts and static files on separate domains is a wise decision, because there's absolutely no reason to have the client send their entire set of PHP-related cookies to every single CSS file, image or whatever. Depends on the situation. I can picture a header that needs only a few files and a client who would break the page on site1 by changing the name or location of a css file without thinking through the consequences. Besides, I wonder if the OP is dealing with a client or just trying to replicate the look and feel of another of his own sites. Edited May 11, 2014 by davidannis Quote Link to comment https://forums.phpfreaks.com/topic/288390-my-script-fails-to-load-css-from-https-can-anyone-suggest-workaround/#findComment-1479079 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.