Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons

Reply
 
Thread Tools
IMG Cacher - SSL Keeper - Mixed Content Block Solution Details »»
IMG Cacher - SSL Keeper - Mixed Content Block Solution
Version: 2.2, by MegaManSec MegaManSec is offline
Developer Last Online: Dec 2016 Show Printable Version Email this Page

Category: Mini Mods - Version: 4.1.x Rating:
Released: 09-19-2012 Last Update: 10-29-2013 Installs: 96
Uses Plugins Template Edits
Re-useable Code Additional Files Translations  
No support by the author.

Pretty much you use this when you want to keep the SSL certificete working on pages that people may use [IMG] tag's without https://.

When you use SSL on your forum, and somebody embeds an image from a non-ssl host, lots of browsers will give you a warning and say the website is unsafe ---this is a solution to that problem.

Specifically, Mozilla has a 'Mixed Content Blocker', which makes it so if you are on an https:// website, it won't load any content on the same domain, using http://.



NOTE: MAKE SURE THE .HTACCESS FILE IN cache-img/ IS WORKING!



Upload the files into your root directory, and that's it.

Then you need to create a plugin (admincp -> plugins & products -> add new plugin)
Hook location: bbcode_img_match
Title: SSL IMG Cacher
Execution order: 5
Plugin PHP Code:
Code:
$link_parsed = parse_url($link);
if ($link_parsed['host'] != '[LINK_TO_YOUR_WEBSITE]')
{
 $link = $this->registry->options['bburl'] . '/cache.php?img=' . urlencode($link);
 $retval = ($fullsize ? '<div class="size_fullsize">' : '')  . '<img src="' .  $link . '" border="0" alt="" />' . ($fullsize ? '</div>' : '');
}
Plugin is active: Yes


edit "[LINK_TO_YOUR_WEBSITE]" - Without http, example: www.dragonbyte-tech.com or www.internot.info etc. etc.

Then you are done.

It should be secure as the actual directory for the images is not available.(deny from all in htaccess)


I would also suggest adding this to robots.txt
Code:
User-agent: *
Disallow: /cache.php
Also I suggest you add something like this to .htaccess:
Code:
<FilesMatch "cache\.php$">
Header set Cache-Control "max-age=86400, public"
</FilesMatch>
======
I only give support to people who have pressed 'installed' this.
======


Source&stuff can be found here: https://github.com/MegaManSec/IMG

For vB3.8 solution, go here: https://vborg.vbsupport.ru/showthrea...75#post2411575 (Thanks to Kh99)

Download Now

File Type: zip IMG.zip (8.6 KB, 536 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
4 благодарности(ей) от:
Andreasmax, Duke49th, seb5594, VBFguy

Comments
  #42  
Old 01-28-2017, 09:50 PM
hugoroger hugoroger is offline
 
Join Date: Sep 2012
Location: Brazil
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I installed this but I am trying to get pages like:

https://www.iforumelite.com/content....e-contratacoes
https://www.iforumelite.com/content.php

Secure but this did not work.

I did everything except add this:

User-agent: *
Disallow: /cache.php
Also I suggest you add something like this to .htaccess:
Code:

<FilesMatch "cache\.php$">
Header set Cache-Control "max-age=86400, public"
</FilesMatch>
Reply With Quote
  #43  
Old 01-29-2017, 05:33 AM
Alan_SP's Avatar
Alan_SP Alan_SP is offline
 
Join Date: Nov 2009
Posts: 1,122
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

These images are served from your system as attachments. I don't use attachments, but I'm sure there's a way to sort this out. Look at attachment options, or also you can rebuild styles, but this mod shouldn't touch images on your domain, that is why you have problem in my opinion.
Reply With Quote
  #44  
Old 01-29-2017, 05:49 AM
Alan_SP's Avatar
Alan_SP Alan_SP is offline
 
Join Date: Nov 2009
Posts: 1,122
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by DSemen View Post
Please tell me how to install it correctly.
You have file cache.php, you need to upload it to your forum root directory.

Well, you replace original content of that file with this code. Whole content, not just part of it. Basically, you quoted how new cache.php looks like.

Also, everything else needs to stay same, i.e. you need to create plugin which calls cache.php.

It works for me, except for some images (few here and there, maybe slower sites that react slowly).
Reply With Quote
  #45  
Old 01-29-2017, 06:06 AM
Alan_SP's Avatar
Alan_SP Alan_SP is offline
 
Join Date: Nov 2009
Posts: 1,122
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This mod do images from https hosts and for some reason have problem with images taken from Facebook.

Is there a solution for this, either that all images work, or that mod just starts ignoring images from https hosts.

I guess that plugin code should be different, to check not only if images is from different host, but that image comes only from http hosts. This also would speed this mod greatly. Is there someone who knows how to check if image is from host already with https?
Reply With Quote
  #46  
Old 02-15-2017, 09:14 AM
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Posts: 2,601
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MegaManSec View Post
I'll give you an example of how to do it.

This is mine:
[code]

edit this part:

Code:
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
and make it https://
Even easier:

Change

Code:
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
To:

Code:
src="//pagead2.googlesyndication.com/pagead/show_ads.js">
Reply With Quote
  #47  
Old 02-19-2017, 09:21 PM
bridge2heyday's Avatar
bridge2heyday bridge2heyday is offline
 
Join Date: Aug 2014
Location: Egypt
Posts: 141
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is my version of this plugin
PHP Code:
$link_parsed parse_url($link);
if( 
$link_parsed['scheme'] == 'http'){
    
$ssl 'https://'.$link_parsed['host'];
    
$stream = @stream_context_create (array("ssl" => array("capture_peer_cert" => true)));
    
$read = @fopen($ssl"rb"false$stream);
    
$cont = @stream_context_get_params($read);
    
$var = ($cont["options"]["ssl"]["peer_certificate"]);
    
$result = (!is_null($var)) ? true false;
    if(
$result) {
    
$link str_replace('http','https',$link);
    
$retval = ($fullsize '<div class="size_fullsize">' '')  . '<img src="' .  $link '" border="0" alt="" />' . ($fullsize '</div>' '');
    } else {
        
$link $this->registry->options['bburl'] . '/cache.php?img=' urlencode($link);
        
$retval = ($fullsize '<div class="size_fullsize">' '')  . '<img src="' .  $link '" border="0" alt="" />' . ($fullsize '</div>' '');
    }
    

it checks if image https => OK
if image http .. check for https version .. if the https version is OK => OK
if the https version not working .. use the script
Reply With Quote
6 благодарности(ей) от:
Alan_SP, KevinL, masterross, Rhodium, VBFguy, z3r0
  #48  
Old 02-23-2017, 04:16 PM
Alan_SP's Avatar
Alan_SP Alan_SP is offline
 
Join Date: Nov 2009
Posts: 1,122
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great work bridge2heyday, do you maybe have better code for cache.php? I noticed that it slows down loading of pages and also that some images don't work with it, but work when I disable plugin (i.e. disable cache.php).

It would be great if there's faster and 100% compatible version of this mod. That all images on http that work (some don't work) can be transferred to https.
Reply With Quote
  #49  
Old 02-23-2017, 07:37 PM
bridge2heyday's Avatar
bridge2heyday bridge2heyday is offline
 
Join Date: Aug 2014
Location: Egypt
Posts: 141
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Alan_SP View Post
Great work bridge2heyday, do you maybe have better code for cache.php? I noticed that it slows down loading of pages and also that some images don't work with it, but work when I disable plugin (i.e. disable cache.php).

It would be great if there's faster and 100% compatible version of this mod. That all images on http that work (some don't work) can be transferred to https.
Thank you , I didn't look at cache.php file .. I just did this small modification for a client .. though , my code may be improved by checking if the file is previously cached or not before looking for validity of https image .. because connection overhead may slow down the site .
There may be alternative solution - I did for an other client - to add white-list for known image hosting websites which turned using SSL .. if the image is hosted on one of those sites .. the link will be changed to https .. if not , it will be displayed as plain text image URL
Reply With Quote
  #50  
Old 02-25-2017, 05:12 PM
Alan_SP's Avatar
Alan_SP Alan_SP is offline
 
Join Date: Nov 2009
Posts: 1,122
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I checked, cache.php doesn't actually cache images in cache directory, it probably just create image there temporarily and delete it after it is sent to browser. At least I didn't found images in cache folder.

Anyway, it would be great if cache.php can work with all images, as some images don't work, not sure why. With your plugin modification and cache.php that work with all images (and hopefully faster), this would be great for making site completely https compatible.
Reply With Quote
  #51  
Old 02-26-2017, 09:06 PM
Beor Beor is offline
 
Join Date: Dec 2007
Posts: 33
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hello

This modification works for vb5?

Signatures of our forum not is on https

BR
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:38 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.12640 seconds
  • Memory Usage 2,365KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (6)bbcode_code
  • (1)bbcode_php
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (11)post_thanks_box
  • (10)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (2)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (1)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete