CiviCRM Community Forums (archive)

Have you enabled "Force Secure Url" settings in CiviCRM ?

http://drupal.demo.civicrm.org/civicrm/admin/setting/url?reset=1

Kurund

Turns out that we get this error on our demo site as well (with Firefox). Not sure what's causing it since I don't get any errors in Safari, AND when examining all media and scripts - they're all coming in under https.

Some folks I've talked to think the problem is caused by subdomains (http://drupal.demo.civicrm.org is the subdomain, but our SSL cert is for civicrm.org). You might check if that's the issue for you

Turning off javascript in firefox allowed the page to load successfully in firefox 3.5.8.

We used two different plugins to compress and combine all css and javascript, and voila, the problem disappeared.  Unfortunately, it also broke a function we like, namely changing the continue button into processing.  We used wireshark to see if there really was some kind of content traversing non-secure.  There wasn't.  The problem did go away when all javascript was combined into one js file, but again, we lost functionality from Common.js.  If we had enough time, I program the order by trial and error to see if I could get it to work without the firefox error, but methinks, because no other browser we tested has the issue, that this time, firefox is the problem.  Firefox 3.0 does not have a problem with the page at all.  LiveHTTP headers shows all content is https.  Right now, we have combined all .js into one file, except Common.js.  The problem remains. 

When we get time, I will restore the site onto a testing server, and have a little techie fun trying to ascertain the cause.

I was having this same issue for a day or two and after some frustration found this thread. So I loaded up the source of a contribution page in a static html file and deleted some scripts here and there until I got a properly "verified" page in Firefox. Turns out it's coming from the ckeditor.js file that gets called about 1/4 of the way down the page. This bug is apparently fairly well documented and is not Civi's fault: http://dev.fckeditor.net/ticket/3905 .

So, I downloaded the newest version of CKeditor from their site and installed that in place of the one in sites/all/modules/civicrm/packages/ckeditor. Make sure to flush your drupal site / browser caches and you should be golden! As far as my testing has gone so far the newest version of CK isn't causing any issues with civicrm and seems to be working the same as the old version.

I highly recommend that the next Civi version include the newest version of ckeditor, as that message in Firefox will scare some people away from contributing / sharing their sensitive data.

Good investigation, I also downloaded the latest version and replaced it on my Joomla site - Fixed.

The point that only Firefox gives this warning may need to be considered.

I am having the same error in Firefox 3.6.3 .... that is even on a site with no civicrm at all just drupal properly installed.  This is a new error in the latest version.  They have a new error screen to scare people.  Firefox is in some kind of aliance to push for the use of expensive certificates which aside from preventing the extremely unlikely and isolated issue of someone trying to pretend to be say Microsoft there is no real benefit.  In fact over-priced certs deture people from using heavy encryption.  Self certified certificates offer every bit as much encryption.  Firefox has accheived a position as the second most popular browser and they are abusing it.  I would not doubt if they are not in fact being bribed by the cert authorities or do not have a vested interest or hidden connection of some kind.  NO other browser does this.  I think this latest warning screen which people get by clicking the little exclamation point you get on the bottom line of Firefox is just another fear mongering attempt to boost sales of these overpriced cert mobsters.

I have tested and determined that 100 percent of the content of this website are 256 bit encrypted yet it gives the faux warning that it is only partially encrypted without even telling what part is or what part isn't along with giving verious other fear mongering details.  (the entity is not verified well cert authorities verify your credit card but that is about it).  I try to use Opera for most of my stuff now that FireFTP is way behind other FTP programs.  I am working on getting Opera's last few problems addressed so it can completely replace firefox.  Firefox is causing grave harm to security/encryption and privacy.  Anytime we are forced to register to be able to buy or sell  with private information we are endangering privacy.  This should not be accepted.