OneAll works on HTTP but not HTTPS

Andrew_Dedo

July 2015 in Questions

Hi

I installed an SSL certificate on my website and now Oneall still works on HTTP, but the icons do not show up on HTTPS

OKAY -> http://www.letsplayriskonline.com/#login
NOT OKAY -> https://www.letsplayriskonline.com/#login

Any ideas,
Thanks.

Answers

Fred_PinelMember

July 2015

Hi,
Could you try changing:
oa.src = '/wp-content/plugins/oa-social-login/assets/js/library.js'
to a location from your oneall application app.oneall.com (https://app.oneall.com/applications/application/implementation/wizard/social-login/?applicationid=689628)
Andrew_DedoMember

July 2015 edited July 2015

Hi,

Okay. Can you explain that to me differently?

Where do I find? oa.src = '/wp-content/plugins/oa-social-login/assets/js/library.js'

And where do you want me to put it?

And I'm not sure the link you gave is okay, should it be applicationid=310170 ?

Thanks.
Fred_PinelMember

July 2015

Hi,
Yes, sorry for the link, it should be the link to your application on app.oneall.com.

Here are more details, hopefully we can find out why the javascript code is incorrect:
The error is in the html code of your login page:
<script type="text/rocketscript"> (function() { var oa = document.createElement('script'); oa.type = 'text/javascript'; oa.async = true; oa.src = '/wp-content/plugins/oa-social-login/assets/js/library.js' var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(oa, s); })(); </script>
oa.src should be oa.src = 'http://(your subdomain).api.oneall.com/socialize/library.js';
The oa.src is normally set for you, at line 15 of wp-content/plugins/oa-social-login/includes/user_interface.php.
And, it is normally configured via the Dashboard, in Social Login Setup, section API Settings, field API subdomain.

So, please check the API subdomain settings, then check the user_interface.php file (line 15), finally, on any page, look for the OneAll script tag with the oa.src, and check if it includes a path that points to .api.oneall.com, and not a wordpress location like it is now.

Sorry for the lengthy note.
Andrew_DedoMember

July 2015

Hi, Thanks for your detailed response. I need simple instructions to get this fixed. :-)

The API subdomain settings is this:

The user_interface.php file (line 11-18)

//Without the subdomain we can't include the libary. if (!empty ($settings ['api_subdomain'])) { //pagespeed change //Forge library path. //$oneall_js_library = ((oa_social_login_https_on () ? 'https' : 'http') . '://' . $settings ['api_subdomain'] . '.api.oneall.com/socialize/library.js'); $oneall_js_library='/wp-content/plugins/oa-social-login/assets/js/library.js'; // Synchronous JavaScript: This is the default to stay compatible with existing installations. if (empty ($settings ['asynchronous_javascript']))

And this: "on any page, look for the OneAll script tag with the oa.src" I'm not sure how to do.

Thanks!
Fred_PinelMember

July 2015

Hi,
Good, you probably have found the error, in user_interface.php (line 11-18):
//Forge library path. <-- this won't work //$oneall_js_library = ((oa_social_login_https_on () ? 'https' : 'http') . '://' . $settings ['api_subdomain'] . '.api.oneall.com/socialize/library.js'); $oneall_js_library='/wp-content/plugins/oa-social-login/assets/js/library.js';
Just edit the above lines, to revert to the original code:
$oneall_js_library = ((oa_social_login_https_on () ? 'https' : 'http') . '://' . $settings ['api_subdomain'] . '.api.oneall.com/socialize/library.js'); //Forge library path. //$oneall_js_library='/wp-content/plugins/oa-social-login/assets/js/library.js';
Sorry for the details.
Claude_SchlesserAdministratorOneAll Team

July 2015 edited July 2015

Hi Andrew,

in the sourcecode of your WordPress I can see this:

<script type="text/rocketscript"> (function() { var oa = document.createElement('script'); oa.type = 'text/javascript'; oa.async = true; oa.src = '/wp-content/plugins/oa-social-login/assets/js/library.js' var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(oa, s); })(); </script>

The RocketScript loads our library from your own server which breaks the plugin.
Could you try to disable Rocket Loader by going to:

WP Admin: Settings->CloudFlare settings (Performance Settings)->Rocket Loader->Set to Off

This should fix the issue.
We will also add a workaround for this issue in the next version of the plugin.
Andrew_DedoMember

July 2015

Hi,

These are the only Cloudflare setting I found in the path you specified.
Fred_PinelMember

July 2015

Hi,
Perhaps this setting is available on your Cloudflare account web site.

Also, Cloudflare suggests to create a PageRule to exclude certain URL from their modifications (such as modifying the script tags).
See https://support.cloudflare.com/hc/en-us/articles/201717894-Using-CloudFlare-and-WordPress-Five-Easy-First-Steps.
Andrew_DedoMember

July 2015

Okay,

I disabled Rocket Loader though the Cloudflare website.

I changed the user_interface.php to:

//Without the subdomain we can't include the libary. if (!empty ($settings ['api_subdomain'])) { //pagespeed change $oneall_js_library = ((oa_social_login_https_on () ? 'https' : 'http') . '://' . $settings ['api_subdomain'] . '.api.oneall.com/socialize/library.js'); //Forge library path. //$oneall_js_library='/wp-content/plugins/oa-social-login/assets/js/library.js'; // Synchronous JavaScript: This is the default to stay compatible with existing installations. if (empty ($settings ['asynchronous_javascript'])) {

Still nothing: https://www.letsplayriskonline.com/#login

Should I remove the plugin and reinstall it again?
Fred_PinelMember

July 2015

Hi,
Disabling the rocket loader should be enough.
Perhaps the Cloudflare caches need to be cleared, or setting development mode on (Cloudflare plugin).
We're not Cloudflare users, so it is difficult to provide a clear answer to this unfortunately.