Hello

Using uddeim 3.4 , joomla 3.3, CB 1.9.1 we have security errors when trying to send a public message from the front end

Error is 2
[blocked] The page at 'ourwebsite.com/component/uddeim/?task=new&recip=87&nouserlist=7' was loaded over HTTPS, but ran insecure content from 'www.google.com/recaptcha/api/challenge?k=xxxxxxxxxx': this content should also be loaded over HTTPS.

How can we solve this ?

Thanks

The recaptcha lib "recaptchalib.php" loads content from the Google servers using http only.

Search includes.php for
echo recaptcha_get_html($config->recaptchapub);

and replace this with
echo recaptcha_get_html($config->recaptchapub,null,true);

and do the same for pfrontend.php.

This enforces ssl encryption and hopefully fixes your problem.

Nope this did not work to enforce ssl connection on task=new when trying to send a public message to a user.

Cache emptied from both server and browser and same error

Could you make all links and calls ssl when https is used ?

The problem is not uddeIM but the recaptcha library. The problem is that the recaptcha library displays a picture from the Google servers using http but your server displays all content using https. So the error is that unsecure content is displayed on a page that used https.

As the message says, the content from the Google servers should be loaded using https. According to the function call in the recaptcha library the additional parameter "true" should enforce https transfers. If not there might be a bug in the recaptcha lib. I am sorry but when my fix does not work there is nothing more I can do.

Well we also use recaptcha lib in ccomment for instance and it works fine on ssl connections.

Can we use another library ?
If we unselect recaptcha will we go to another one by default ?

Can you try the "internal" captcha service?