Mixed content

How to exclude a url from the mixed content fixer

It sometimes is necessary to exclude a certain url from the mixed content fixer. For those who don’t know already: the mixed content fixer in Really Simple SSL changes all urls from http to https, except for hyperlinks to other domains.

This can be easily accomplished with a filter. You can add it to your functions.php. It will execute after the mixed content fixer has done its work, so you have to replace the urls back to http, like this.


function rsssl_exclude_http_url($html) {
  $html = str_replace("https://www.domain.com", "http://www.domain.com", $html);
  return $html;
}
add_filter("rsssl_fixer_output","rsssl_exclude_http_url");

Related Articles

21 Comments

  • Andreas Ostheimer

    Exactly what I was looking for because I had a URL with an external IP which the Plugin did change!

  • Vijay Samtani

    can you have more than 1 rsssl_fixer_output?

    • Rogier Lankhorst

      If you need to replace more than one url, you can just copy this line:
      $html = str_replace(“https://www.domain.com”, “http://www.domain.com”, $html);
      and repeat it as often as you need.

  • Martin Z

    Hi,

    at first – thank you for your Plugin. It works as it should.

    But the Problem with changing external Links to https is really a big Problem.
    We have a site with more than 16.000 Articles. We have Partnersites which are paying for the Linking.

    I´m not able to put every URL in the function our online Authors using in their Articles (about 7 to 10 a Day).

    So, could there be a solution, where the function checks if the link has a target=”_blank” or a rel=”nofollow” – and then – it will exclude them from changing?

    That would be amazing if this would work!!!

    Thanks for your Help!
    Martin

    • Rogier Lankhorst

      Hi Martin,

      The mixed content fixer only replaces hyperlinks that point to your own domain, and does not replace external domains. It might replace it, if your own url is a part of the external url, for example: your domain: domain.com, and external domain: domain.com.au.

      In this case, the mixed content fixer will replace the domain.com, and as a result will also replace the external domain. Do you have an issue with external links over https, which stops when you disable the mixed content fixer?

      • Martin

        Hi Rogier,

        thanks for your reply. Didn´t get the notification 😉

        I disabled the mixed content fixer. In fact – I disabled all of the settings.
        It still messes with the external Links. Deleted the cache to be sure…
        After disabeling the fixer – one thing is working now – it does not change the hardcoded external javascript from an advertiser which is located in the header.php

        I used another plugin before (force ssl), which did the same thing.

        On these Screenshots you see what it is doing.

        Admin:
        http://i68.tinypic.com/30ieuqd.png

        When I hover on Frontend (Bottom left):
        http://i68.tinypic.com/2pz9q8l.jpg

        Thanks again for your help.
        Martin

        • Martin

          I just realised that the pictures are not shown.

          How can I show them to you?

          Martin

      • Martin

        Hi Rogier,

        me again. I tried something – I changed the Sitename to Sitename (http://www.domain.com) – so without the href “functionality”… It even changed the “plain” Text to https!

        So this is weird…

        • Rogier Lankhorst

          You can mail me the pictures at rogier (at) really-simple-ssl.com.

          If you still have the issue when the mixed content fixer is disabled, it’s not the plugin that’s doing it. Maybe you have another plugin that causes this?

        • Rogier Lankhorst

          As for the plain text, the mixed content fixer will replace all strings of your own domain to https, so plain text as well. But only your own domain, not external domains. I have seen this once where a plugin changed all links to // when a website was on SSL, but I don’t know which plugin that was.

          • Martin

            Thanks a lot for your replies. Sorry that it took me so long to read them. I had the Plugin “WP Force SSL” installed. Don´t have it anymore. I also don´t see any other Code in the htaccess file – except yours. Is it possible that a Database Entry still exists, which does this re-writes? Or where do I have to look?

            Thanks again for your answers!

            Martin

        • Rogier Lankhorst

          The change of the urls is completely dynamic, so will stop if you disable the mixed content fixer in the settings. No database or file changes are made.

          • Martin

            No, I´m not talking about your Plugin – I think yours is doing it right. I generally meant if it is possible that a Database entry could cause this situation? If you say “yes” – I would look into the database. If you say this is not possible it has to be in the htaccess or somewhere else, I would look there…

            Thanks!

          • Rogier Lankhorst

            I don’t think so. My best guess is that it’s a plugin doing this.

          • Martin

            Strange… Nothing is installed which could do that…

            Many Thanks anyway for your time and Plugin!

            Martin

  • ConnerMcLeod

    Great plugin! but is there a way to exclude all iframe scr urls from being changed to https?
    i have some swf games embedded with iframe from non SSL sites and they dont work no more…

    • Rogier Lankhorst

      You could use the code on this page to replace the string ‘iframe src=”https://’ to ‘iframe src=”http://’
      But that won’t help you: browsers will block http sources in an iframe on a https website, so the swf games will get blocked if you try to load them over http in a https website.

      • ConnerMcLeod

        Ok i did not know that, i guess i will self host the swf files then, thanks for your response.

  • Andrea Manetti

    Hi, thanks for your plugin and for workaround for mixed content, I used on a site where I embed a feed from an IP camera, before the workaround the IP cam wasn’t shown, now yes but Chrome makl the site as not fully protected and I lose the padlock icon.
    Any hint?
    Thanks,
    Andrea

    • Rogier Lankhorst

      Hi Andrea, this workaround will exlude this url from the mixed content fixer. As a result the mixed content isn’t fixed anymore, so you’ll have mixed content. It’s better not to exclude anything from the mixed content fixer of course! The solution is to give the domain of the Cam an SSL certificate, or serve it from your own domain.

      • Andrea Manetti

        Hi Rogier, thanks for your reply, unlucky the SSL certificate that the cam uses is a self certificate, so it’s useless. Now I’m trying to use some free proxy to show the cam, even if I don’t know how 🙂
        Best,
        Andrea

Leave a Comment