Mixed Content error on Page Edit

While on page edit with an image selector (mvc widget), selecting an image has no effect.  After bringing up the Dev Tools in Chrome, I see the below.

Mixed Content: The page at 'https://............' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://........./Sitefinity/Services/Content/ImageService.svc/4218…inity.Libraries.Model.Image&provider=OpenAccessDataProvider&published=true'. This request has been blocked; the content must be served over HTTPS.

We are using SSL offloading but it doesn't appear that Sitefinity recognizes and forms the Url appropriately.  Any ideas?  Thank you.

Hi Joshua,

I would like to kindly suggest you to take a look to the following link for more details about how to configure SSL:

http://docs.sitefinity.com/administration-configure-ssl#configure-all-frontend-pages-to-require-ssl

Best Regards,
Junior Dominguez
Telerik

Junior, thanks for the reply; however, your suggestion doesn't work in my scenario.  I have checked the "Require SSL" property on certain pages for testing; however, when I tried to view the page I get an redirect loop error.  I had to uncheck it to get the page to show up again  on the front end.

Believe this is due to the fact that, to Sitefinity, the pages are coming in as http since the load balancer is handling the SSL.  So, Sitefinity is seeing this and trying to reroute to https, only to have the load balancer change it back to http when it hits Sitefinity.  I would have thought that enabling the SSL Offloading feature in Sitefinity took care of this; however, it does not appear to be doing anything.

I have confirmed that the proper headers are getting added to the Request by the load balancer before being sent to Sitefinity, so I am not sure what else it could be.

Hi Joshua,

Please note that if there is any widget (i.e: ContentBlock or custom widget) that has an image element added manually with absolute Url (probably added before setting the project to use HTTPS)  then you will need to change its src attribute manually or use relative path instead.  If the images were added using the Media Manager for instance they won't be affected since the ContentBlock will write a relative Url.

I have recorded this short video reproducing the problem.

Best Regards,
Junior Dominguez
Telerik

Junior,

There was no content on the page already and the image was added using the Image Manager via a Content Widget.  I have created a support ticket that has a video link attached if you want to check it out.  Thank you.

Hi Joshua,

The problem is caused by the Telerik.Sitefinity.Frontend.dll assembly which contains references to the http version of the cdn resource. I have logged this as a bug and have subscribed you to the notifications. I have also updated your Teleik points. 

the report can be found through the following public link of our Feedback Portal:

http://feedback.telerik.com/Project/153/Feedback/Details/178321-feather-contentblock-widget-designer-throws-mixed-http-and-https-content-warning

Please accept my apologies for the inconveniences it may have caused. 

Best Regards,
Junior Dominguez
Telerik