Bravo List

Bravo List (http://www.bvlist.com/index.php)
-   TBDev (http://www.bvlist.com/forumdisplay.php?f=20)
-   -   Mixed content external images (http://www.bvlist.com/showthread.php?t=11885)

Tedmorris 9th December 2018 05:11

Mixed content external images
 
Hey guys,

Does anyone know a method for dealing with mixed content warnings from external images posted on the forums or torrent descriptions?

Im looking for a method similar to what IPT use, something that detects the image is not https and replaces the image with a non ssl image that you click on to display the image.

Ive searched google but i cant seem to find a solution, any help would be much appreciated.

DND 9th December 2018 09:44

They use the option from Cloudflare for mixed content

darkalchemy 9th December 2018 10:02

It should be pretty simple to achieve.

1) place a temp image into your image folder.
2) during formatting of the output, check the url scheme $_SERVER['REQUEST_SCHEME'] if its http, replace it with the image as a link to the original url.

I do it a bit differently. I do not allow external images to be displayed anywhere in my code. The term is 'image proxy' and the idea is that you can either download the image to your site and replace the external url with the internal one, or you can use an image proxy host, much like an anonymizer. The image proxy host will grab the image and send it to you, https.

The benefit of doing it internally is that you can manipulate, resize and optimize the image to display as needed. It also allows the users browser to cache the image.

Tedmorris 9th December 2018 11:07

Thx guys,

I like your setup Darkalchemy, sounds like a much better solution.

I will start researching image proxy and see how i go.

Bump: Where can i find $_SERVER['REQUEST_SCHEME']

darkalchemy 10th December 2018 02:07

It's a super global, it's available everywhere.

Tedmorris 17th December 2018 04:00

Ok so i cant find that super global anywhere and the images posted on the forums and torrent descriptions are formatted in the format_comment function i think?

PHP Code:

function format_comment($text$strip_html true)
{
    global 
$smilies$privatesmilies;

    
$s $text;
        unset(
$text);

        if (
$strip_html)
        
$s htmlspecialchars($sENT_COMPAT'ISO-8859-1');

  
// [img]http://www/image.gif[/img]
$s preg_replace_callback("/\[img\]((http|https):\/\/[^\s'\"<>]+(\.(jpg|gif|png)))\[\/img\]/i""scale"$s);

    
// [img=http://www/image.gif]
 
$s preg_replace_callback("/\[img=((http|https):\/\/[^\s'\"<>]+(\.(gif|jpg|png)))alt=\"\"\]/i""scale"$s); 

Or have i missed something?

darkalchemy 17th December 2018 04:04

Super Globals

Tedmorris 17th December 2018 11:26

Thx m8, where can i find it in tbdev source?

darkalchemy 17th December 2018 14:44

It's a super global, it's just there. You do not set it, but you can read it.

place echo $_SERVER['REQUEST_SCHEME']; die(); just about anywhere on any page and open it in the browser and you will see it.

Tedmorris 20th December 2018 13:30

It echos https


All times are GMT +2. The time now is 12:11.

Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.