1 ednong Dec 14, 2014 16:02
3 mgsolipa 15 Dec 2014 08:12
Sorry, I forgot to attach the image :D
4 ednong 19 Dec 2014 19:34
Uh no, Sir,
I have 2 screenshots attached. One with the domain "jquery.com" allowed, on the other with less buttons is "jquery.com" denied.
So I guess, this is not correct in the source code and not fully hosted on my server. Both are in the sections "Blog > Comments".
5 mgsolipa 20 Dec 2014 13:11
@ednong wrote:
I have 2 screenshots attached. One with the domain "jquery.com" allowed, on the other with less buttons is "jquery.com" denied.
Please, explain what do you mean with "jquery.com" allowed / denied. It's something that you did on your own browser? Can you enable it?
jQuery is a very popular javascript framework widely used nowadays, and loading it directly from its domain is also a well accepted practice. However, as I said in my previous comment, if you don't want to load any script from external resources, then you can go to _advanced.php and comment all the entries in $library_cdn_urls
.
Please, give us more details in order to help us to fully understand what is going on with your site.
Thanks.
6 ednong 20 Dec 2014 16:52
Please, explain what do you mean with "jquery.com" allowed / denied. It's something that you did on your own browser? Can you enable it?
jQuery is a very popular javascript framework widely used nowadays, and loading it directly from its domain is also a well accepted practice. However, as I said in my previous comment, if you don't want to load any script from external resources, then you can go to _advanced.php and comment all the entries in $library_cdn_urls.
Please, give us more details in order to help us to fully understand what is going on with your site.
No Problem,
here the info will be.
I'm using Firefox with the plug in NoScript. So I can enable, from which domain I accept scripts and ohter things. And normally I don't accept from other domains any script (and I guess, I'm not alone). ;)
So - well accepted not for me. I wish to have all scripts local on the server the blog application is on. Would it be possible to solve it like a plugin? So the owner of the blog get the jquery script in a folder in somewhere/on/the/server/in/the/blog dir and if jquery actualise it, I can exchange it and put the newest version in this folder?
7 mgsolipa 23 Dec 2014 07:59
ednong wrote:
I wish to have all scripts local on the server the blog application is on
Since my first comment I'm trying to say exactly what you need, I'm sorry, I don't know how to be any clearer. There is no need of such a plugin, all the scripts loaded by default from a CDN are also available in the server and you can force your site to always load them from there by commenting all the entries of the array $library_cdn_urls
.
For example, except those .js files loaded by each skin ( if any ), all the js libraries used by b2evolution are stored at rsc/js
. You can browse that folder and realize all the stuff included there.
Regards!
8 ednong 23 Dec 2014 09:26
Okay,
so this jquery loading thing is a skin-sided-thing? The skin loads this script from jquery.com?
9 mgsolipa 23 Dec 2014 22:21
No, jquery is in the core not in the skins. The skins may or may not include their own javascript files.
Please follow the screenshots.
1) The file conf/_advanced.php as is included in the standard release
2) The jquery library loaded from jquery.com
3) The entries of $library_cdn_urls
commented in conf/_advanced.php
4) The jquery library loaded from disk... voila! :D
Please test it.
Regards!
10 ednong 02 Jan 2015 14:58
Ok, misunderstanding after misunderstanding :)
I understand now, no problem. And I think - so it would great to have a checkbox in the settings panel to click, if I wish only use the local scripts, not the scripts on the remote server.
11 ednong 18 Jan 2015 20:06
Another way for setting would be a list menu like
- local scripts
- scripts from remote server/form jquery-server
- scripts from remote server with fallback to local scripts (if blocked or with other reason)
This would an easy way to set it onto the settings page in the backend.
Hi @ednong,
I'm afraid that I didn't fully understand your comment.
If you mean the piece of code displayed in the image above, that's a common technique called CDN that, as everything, some people like it and some people don't. But, in general, it doesn't imply a security risk, specially if we work with trusted servers like jquery.com or bootstrapcdn.com.
However, this may be overridden just commenting the lines of those scripts that you don't want to load from the CDN. In that case, the local copy (that is already included in the standard packages of b2evolution) will be loaded.
Finally, all the built-in frontend skins of b2evolution are prepared to make a minimal use of javascript, so if there is a paranoid visitor that is still blocking javascript, when we are about to end the year 2014, he will get almost the same browsing experience than other visitors.
Regards!