Browser Warning re Insecure Content at Post by Voice page

  • Unknown's avatar
    maxfein · Member ·

    Hi, just noticed at
    https://en.support.wordpress.com/post-by-voice/
    the sample mp3 doesn’t play anymore :(

    the browser (chrome, ff) showing mixed content error (no green lock) for the resource:
    http://en.blog.files.wordpress.com/2010/06/phone-your-blog.mp3?_=1

    and attempting to load via https shows a mismatch:

    en.blog.files.wordpress.com uses an invalid security certificate. The certificate is only valid for the following names:
    *.files.wordpress.com, files.wordpress.com

    …so, yeah. Cheers, Max

  • Unknown's avatar
    ravichahar · Member ·

    Hey Max,

    I audio file is working well for me. Maybe you should try clearing the browser cache.

    Solve Common Browser Issues

    And also mention the link to the blog you want help with.

  • Unknown's avatar
    maxfein · Member ·

    Hi Ravichahar,

    Steps to replicate:

    1) open either latest Chrome or FireFox
    2) navigate to https://en.support.wordpress.com/post-by-voice/
    3) observe that browser shows a green lock next to domain name
    4) click play on the mp3 file
    5) observe that
    5a) in FireFox, the lock icon is greyed out and there is the yellow alert triangle over it
    5b) in Chrome, the lock and ‘secure’ mssg is replaced with the grey exclamation mark in a circle
    6) open developer tools (right click, inspect element) and look in the Console tab for a line that looks like

    Loading mixed (insecure) display content “http://en.blog.files.wordpress.com/2010/06/phone-your-blog.mp3?_=1” on a secure page[Learn More]

    that is the resource being requested from an insecure source

    unfortunately, the source is not available via https because there is no valid certificate installed there… checking the certificate delivered for en.blog.wordpress.com if the resource is requested via https shows coverage only for
    *.files.wordpress.com, files.wordpress.com

    so, it seems like either change where the mp3 is (eg. move to blog.files.wordpress.com) or – esp. also assuming that there might be more than this mp3 at en.blog.files.wordpress.com – perhaps a valid certificate could be installed and the resource address(es) updated to use https :)

    Cheers, Max

    Also, re. blog I want help with… I selected ‘None, this is about using WordPress.com’ because the page is at the support site.

    However, since the resource seems to be coming from en.blog.wordpress.com we could just say thats the blog I need help with ;)

  • kokkieh · Staff ·

    Hi there,

    Thanks for letting us know. The audio file was just embedded using a http URL instead of a https URL – there hasn’t been any changes to this doc since before we started using https on WordPress.com.

    I’ve fixed it, and you shouldn’t see mixed content warnings on that page any more.

  • Unknown's avatar
    maxfein · Member ·

    Howdy, thats awesome, thanks.

    there hasn’t been any changes to this doc since before we started using https on WordPress.com.

    yeah, I figured it was along those lines :)

  • The topic ‘Browser Warning re Insecure Content at Post by Voice page’ is closed to new replies.