Resolving early termination due to protocol URL in widget_script.phtml #132
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The protocol-relative URL was causing this script to terminate early on "compilation." As of December 2014, [Paul Irish's blog](https://www.paulirish.com/2010/the-protocol-relative-url/) on protocol-relative URLs says "2014.12.17: Now that SSL is encouraged for everyone and doesn’t have performance concerns, this technique is now an anti-pattern. If the asset you need is available on SSL, then always use the https:// asset." My observation is that static resources served through Yotpo are already secure and thus should be enforced using https instead of protocol-relative urls, anyways.
damjess
changed the title
|
It's really sad how so many developers try to help Yotpo out by opening pull requests and you largely ignore them all while wreaking havoc on our sites. Your development practices are some of the most abhorrent I have seen to date. I will strongly advise my client to reconsider using your platform. I'm sick of the site-breaking bugs and error-log-filling warnings. Get your code together before subjecting paid users to it. |
|
Hi, Thanks for writing and I do apologize for the late response. |
pniel-cohen
pushed a commit
that referenced
this pull request
Dec 19, 2019
Fixed SyncStatus last_sync_date query
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The protocol-relative URL was causing this script to terminate early on "compilation." The result in the static deployed files (causing an HTTP Error 500) appeared as:
This behavior was observed consistently across development, staging, and production environments.
As of December 2014, Paul Irish's blog on protocol-relative URLs says "2014.12.17: Now that SSL is encouraged for everyone and doesn’t have performance concerns, this technique is now an anti-pattern. If the asset you need is available on SSL, then always use the https:// asset."
My observation is that static resources served through Yotpo are already secure and thus should be enforced using https instead of protocol-relative urls. Changing the url specificity to https resolved the issue and is, in any regard, more secure.