Track Down Insecure Content


(Peter Danckwerts) #1

Can someone help me track down insecure content on a site https://www.wynkyndeworde.co.uk/ ?

I have searched in the RW file, looking at Site Styles, Font Pro, CSS in the RW code section and the code
for the specific page and I cannot find Garamond12-Italic. It was a font I removed a long time ago.

I can’t find it on the published page because, of course, the browser is refusing to load it. I’d really like to track this down so that Chrome doesn’t say it’s insecure. I also tried copying the source from the RW preview but that didn’t show the font either.


(Will Woodgate) #2

I’ve run disagnostics on your webpage.

The problem is in here: https://www.wynkyndeworde.co.uk/index_files/stacks_page_page0.css

Line #284 to be precise. The stack has an ID of com_bigwhiteduck_stacks_headerpro_stack if that gives you any clues.


(David) #3

Also, it seems Garamond is being applied to all the text on the page except the large Titles which are using De-WW-Bd. Also, they seem to be coming from font-vault and/or font/pro.


(Peter Danckwerts) #4

Many thanks @willwood. I’ll look into it

Many thanks @thang .Yes there is Garamond8 being applied to most text but the problem is with Garamond12.


(Andrew Tavernor) #5

It looks like you have simply entered a non secure URL into the Header Pro web font url setting.


(Peter Danckwerts) #6

Sadly, although I’ve been able to find the reference by saving to a local folder (something I should have thought of doing before), I still can’t work out where the formatting is coming from – it would be so much easier if it were actually applied to a piece of text! I think I’ll just have to make a copy of the project, delete all but the first page and then delete one item at a time until the offending font reference disappears.


(Peter Danckwerts) #7

Phew! I finally found it! It’s inside a Header Pro stack inside a Foundation 2-column stack, the two being part of a partial which is no longer being used, but which is obviously still included in the CSS files. I’ve removed the offending partial, marked all pages and resources as changed and finally there are no ‘not secure’ messages in Chrome.

This does illustrate one of the few dangers of using partials. Finding a problem stack inside a whole nest of stacks in a partial which is not even used is rather a pain. Of course, I should have deleted it when it became redundant but I hung onto it until I’d checked that its replacement worked, by which time I’d forgotten about it!

The other puzzle is that making a very minor change in a Scribe stack caused RW to republish 670 files whilst marking all pages and resources changed only entailed republishing about a tenth the number of files.

Thank you both, @willwood and @thang again.