CMS Made Simple Forums

Posted: **Fri Jan 10, 2014 9:36 pm**

Oh wait. I don't think using the "Preview" tab when editing a page is always the best way to tell if an iframe works. I think the preview tab is an iframe already so, it might be a conflict.

I would test going to the actual page. I personally never use the preview tab since browsers support multi-tab interfaces.

But, I added the iframe snippet to a GCB and then placed the GCB into a page and everything works fine for me. I used a template that is barebones to make it easy to see the source. I also tried with the sandbox attribute and that worked good too.

Code: Select all

<!doctype html> 
<__html lang="en" class="no-js">
<head>
<meta charset="UTF-8">
<base href="http://www.NothingHere.....ToSee.org" />
<title>Site Title</title>
<meta name="Robots" content="noarchive, nofollow">
<link rel="icon" href="favicon.ico" type="image/x-icon">
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
<link rel="apple-touch-icon" href="apple-touch-icon.png">
<link rel="canonical" href="http://www.NothingHere.....ToSee.org"></head></__body>
<!-- pageAttribute: NotSearchable -->
<__iframe src="http://www.census.gov/popclock/embed.php?component=counter&popclk=727707" frameborder="0" width="389" height="930" allowtransparency="true" sandbox="allow-same-origin allow-scripts">
</__iframe><__body>
</__html>

Posted: **Fri Jan 10, 2014 9:52 pm**

Is the code you displayed the actual code that goes in the GCB?

Posted: **Fri Jan 10, 2014 9:54 pm**

no, that was just the view source of the html page.
This is the final version I used, but all of them worked ok

<__iframe src="http://www.census.gov/popclock/embed.ph ... clk=727707" frameborder="0" width="389" height="930" allowtransparency="true" sandbox="allow-same-origin allow-scripts">
</__iframe>

(without the __ before the element names that the forum adds in for security... not this, <__iframe

Posted: **Fri Jan 10, 2014 10:02 pm**

Please take a quick look at my page at:

https://www.sierraclubswmg.org/index.ph ... Population

and tell me what's wrong. It is so different from my source that there is no comparison for me.

Thank you very much.

Posted: **Fri Jan 10, 2014 10:48 pm**

Try disabling the SSL / https for that page under the page's Options while editing it. Maybe that bad SSL certificate is causing a problem for the iframe to load since the iframe's source may also encounter a SSL crt error.

Posted: **Sat Jan 11, 2014 2:12 pm**

Make the iFrame src https and it will probably work.

Browsers don't like mixed content like this.

Code: Select all

 <__iframe src="https://www.census.gov/popclock/embed.php?component=counter&popclk=727707" frameborder="0" width="389" height="930" allowtransparency="true" sandbox="allow-same-origin allow-scripts">
</__iframe>

or

Code: Select all

 <__iframe src="//www.census.gov/popclock/embed.php?component=counter&popclk=727707" frameborder="0" width="389" height="930" allowtransparency="true" sandbox="allow-same-origin allow-scripts">
</__iframe>

Posted: **Mon Jan 13, 2014 2:02 am**

Well, I'll be....... It works!

So, if I want to use HTTPS, what should I change to make that work? Does the link need to be that way as well?

Besides, why does it matter that I drag that content into my secure page? It shouldn't matter where it comes from, should it?

Posted: **Mon Jan 13, 2014 8:18 am**

Of course it matters. When you tell the browser (and visitor) you're serving over https, but in the background you don't, that's not fair play.

Search the web for 'mixed content' and you'll probably find a lot of decent explanations. I don't know all the ins and outs about this subject.

By the way: skipping the 'http:'/'https:' from the url will make it 'inherit' the protocol from the containing 'page'. Note however that (of course) the included source (iframe, image, stylesheet, js, whatever) must then be served too with the same protocol.

In this particular case, the content is both served as http and https. However, often that's not the case.

Posted: **Mon Jan 13, 2014 2:46 pm**

Thanks for the good info.

What I meant was that if mine is secure, their's should be secure because mine contains it.

I will experiment and see what happens and report back.

CMS Made Simple Forums

Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue

Re: Counter Format Issue