my script fails to load css from https.... can anyone suggest workaround?

[totallytech]

Hi Guys,

 

I've got a php script which has a standard header... the css fails to load though.

 

My site is https://www.site1.com and the css is located on http://www.site2.com

 

my css code is:

 

<link rel="stylesheet" href="http://site2.com/style.css" type="text/css" media="screen" />

 

but for some reason it seems to fail....

 

Any ideas?

[Jacques1]

Hi,

 

loading HTTP content on an HTTPS site is rather silly, because this gives an attacker the opportunity to jump in and potentially subvert the entire security of HTTPS.

 

Is there any reason why you can't use HTTPS on your other site?

[davidannis]

Is there any reason why you can't use HTTPS on your other site?

Or, just copy the css files to site1?

[Jacques1]

No. Keeping scripts and static files on separate domains is a wise decision, because there's absolutely no reason to have the client send their entire set of PHP-related cookies to every single CSS file, image or whatever.

[davidannis]

No. Keeping scripts and static files on separate domains is a wise decision, because there's absolutely no reason to have the client send their entire set of PHP-related cookies to every single CSS file, image or whatever.

Depends on the situation. I can picture a header that needs only a few files and a client who would break the page on site1 by changing the name or location of a css file without thinking through the consequences. Besides, I wonder if the OP is dealing with a client or just trying to replicate the look and feel of another of his own sites.

Edited May 11, 2014 by davidannis