[prev in list] [next in list] [prev in thread] [next in thread] 

List:       php-general
Subject:    [PHP] Re: newbie question w php - javascript and HTTPS
From:       Ian <php_list () fishnet ! co ! uk>
Date:       2015-08-05 15:18:17
Message-ID: 55C22939.3070002 () fishnet ! co ! uk
[Download RAW message or body]

On 02/08/2015 02:34, dealTek wrote:
> Hi all,
> 
> Newbie question...
> I'm having an issue with mac browsers and javascript...
> 
> simple story:
> 
> 1 - If I put test folder on NON SSL site - all works ok
> 2 - but if I put same test folder on HTTPS site - MAC SAFARI gets/displays data ok \
> but MAC firefox and Chrome do NOT get data 
> Q: Why Not? How do I fix this so all browsers work?
> 
> ---
> 
> SETUP LIKE THIS...
> 
> page1.html
> 
> gets data with this line ....
> 
> was this...
> $.get("getdata.php", function(data, status){
> ...etc.	
> 
> also tried this (absolute ref)...
> $.get("https://mysite.com/getdata.php", function(data, status){	
> ...etc.
> 
> and displays data on same page1.html page
> 
> MAC safari = works but firefox and chrome do not display data ON HTTPS site but all \
> 3 work on non HTTPS other test site. ( using just this local request = \
> $.get("getdata.php", function(data, status){) 
> BTW: if I manually go to getdata.php it gets php data and show json wrapper data \
> just fine 
> Q: How can I test / fix this so all 3 browsers work on HTTPS site?

Hi,

Different browsers handle SSL/TLS differently.  For example, Firefox and
Chrome have recently disabled SSLv3 access. (Which might be your problem.)

You can test your SSL configuration using the SSLLabs website:

https://www.ssllabs.com/ssltest/analyze.html

(Make sure you tick the box 'Do not show the results on the boards').


This site will try connecting to your SSL site with multiple
combinations of Protocols and Ciphers.

It will also simulate tests from multiple different web browser /
clients and versions.

The site will inform you if your servers are vulnerable to hacking /
interception too - so its well worth a few minutes of your time.


I use this every time I modify the config of any of our SSL sites.  Or
if a new OpenSSL vulnerability is announced (which feels like every week
these days!)

Regards

Ian
-- 








-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[prev in list] [next in list] [prev in thread] [next in thread]