[Resolved] Reference to http://www.w3.org/2000/svg… for SVG images included in theme

Home Forums Support [Resolved] Reference to http://www.w3.org/2000/svg… for SVG images included in theme

Popular Articles

Missing style.css

Updating errors

Installing GP Premium

Installing GeneratePress

How to add CSS

How to add PHP

Home Forums Support Reference to http://www.w3.org/2000/svg… for SVG images included in theme

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • June 18, 2021 at 7:33 pm #1827137
    Dominique

    Hi,

    I was dealing with mixed content errors and getting support from Cloudflare. Their tool was reporting mixed content errors.

    Some tools where reporting mixed content errors some not.

    All SVG’s in GeneratePress have a non secure link to http://www.w3.org/2000/svg…

    Well at least I think it’s GeneratePress as I dont use any SVG’s

    You can see the non ending url’s in this test tool https://gf.dev/mixed-content-test

    Is it possible to update your code and reference to https?

    Please advise

    Dominique

    June 19, 2021 at 4:47 am #1827448
    David
    Staff
    Customer Support

    Hi there,

    see this reply here:

    https://generatepress.com/forums/topic/http-for-w3/#post-1750546

    June 19, 2021 at 9:15 pm #1828040
    Dominique

    Hi,

    Doesn’t answer why it isn’t https. And still Cloudflare’s diagnostic tool reports mixed content errors when opening a support ticket. They dug deep and found that it was the w3.org links.

    There is what 6 svg’s in GeneratePress?

    Please advise

    Dominique

    June 20, 2021 at 6:33 am #1828297
    David
    Staff
    Customer Support

    I would have thought Cloudflare of all companies would know the purpose of a XMLNS and how a browser interprets it.

    First off: they are NOT a link, no browser will treat them as a link or make a request to that URL.
    They are a namespace, which simply put is a way to inform the browser that this elements DocType is an SVG – this ensures the browser can interpret the element correctly.

    The namespace is defined by w3.org – its a standard that is recongnised by ALL modern browsers. And it has always been written that way. It does not require HTTPS as the S servers no purpose as its NOT a link. Changing the XMLNS attribute to anything else would break its purpose.

    You can check any site that uses SVG icons and you will see the same namespace standards.
    Here’s an example on cloudflares own website:

    2021-06-20_14-13-14

    I don’t what their diagnostic tool is doing but is should not be flagging them as a problem.

    June 20, 2021 at 11:16 am #1828819
    Dominique

    Oky doky

    June 20, 2021 at 3:56 pm #1828956
    David
    Staff
    Customer Support

    You’re welcome

    June 20, 2021 at 7:45 pm #1829032
    Dominique

    Hi David,

    After fixing a few mixed content errors and still being flagged by their tool this was Cloudflare’s response from an escalation engineer manager (they are all engineers without engineering degrees):

    “Our Mixed Content check is very basic and reads your HTML for instances of html attributes pointing to a value containing “http://”. We can see this happens quite often in your html code, for example:

    $ curl -s https://websitename.com/ 2>&1 | egrep -i "http://"
<svg viewBox="0 0 576 512" aria-hidden="true" version="1.1" xmlns="http://www.w3.org/2000/svg" width="1em" height="1em">

    Your site does not have mixed content from the browser or from a human point of view but from a programming point of view it definitely looks like it does.

    My recommendation would be to update your site code to replace occurrences of http:// with https:// or remove the http:// portion completely.

    This isn’t so much of a Cloudflare issue but merely a nuance with how these systems are identifying mixed content in your site code. Making the recommended change above should correct the issue. I would suggest ensuring that the referenced sites are available over https just in case (for example I’ve checked http://www.w3.org and it is available over https).

    Hopefully that helps but let us know of further questions.”

    After your response I sent a message to Cloudflare to fix their diagnostics tool to recognize XMLNS and not flag it as mixed content errors.

    Anyone opening a support request that has SVG images will get a message to fix mixed content errors and obviously try to fix them.

    You are surprised that Cloudflare has issues with their diagnostic tool flagging incorrectly mixed content errors for XMLNS. I’m not, it is how all large corporations work. The left hand doesn’t know what the right hand is doing. Also they are as slow as molasses going uphill in the winter to fix issues – if they ever deem that they should fix them!

    Stay small to medium-small to keep a great customer experience like at GeneratePress.

    You should see the support request replies that I get from TrustedSite pure amazement and awe.

    The only way to get anything fixed is to persist. Eventually they will come up with the not in road-map or planned in road-map with undetermined date reply to get you to buzz off. Sometimes they actually fix things!

    Thanks

    Dominique

    June 21, 2021 at 3:45 am #1829335
    David
    Staff
    Customer Support

    Thanks for the feedback – and yes large companies doing basic checks is often the failing of many service requests. At least others may find this and not have to jump through hoops looking for answers 🙂

  • Author
    Posts
Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.

Start building better websites today.

Go Premium Documentation
GeneratePress

GeneratePress

Support

Articles

© 2024 EDGE22 Studios LTD.