HTTPS background images using ip address?

Question

I have a website using CodeIgniter (an older version that has been upgraded over time by several developers). The site works 100% fine using HTTP (my test environment can't use HTTPS) but when I switch to HTTPS all of the CSS background images switch to using the IP Address?

 

In every page, I include the following snippet for ease of use, but it is producing the same IP address so I figured the problem is in the site_url() function - image_url() just adds to site_url().

<script type="text/javascript">
    var BASE_URL = '<?= site_url() ?>'; // http://555.555.55.555/
    var IMG_PATH = '<?= image_url() ?>'; // http://555.555.55.555/images/main
</script>

I don't have a 'live test environment' to test changes and am stumped. I believe the below overridden function force_ssl() may hold the problem, but have no idea why or what is causing the problem. (The force_ssl() function came from here.)

I am using the CodeIgniter carabiner plugin to serve up the CSS/JS and have the following function to force SSL/HTTPS in my my_helper.php:

if (!function_exists('force_ssl')) {
    function force_ssl() {
        if (ENVIRONMENT != 'development') {
            $CI = & get_instance();
            $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
            if ($_SERVER['SERVER_PORT'] != 443) {
                redirect($CI->config->config['base_url'] . $CI->uri->uri_string());
            }
        }
    }
}

/**
 * Override the site_url function so it does https
 *
 * @param <type> $uri
 * @return <type>
 */
function site_url($uri = '', $https = FALSE, $only_images_js_css = true) {
    if ($https || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443)) {
        if (ENVIRONMENT != 'production') {
            $secure_connection = FALSE;
        } else {
            $secure_connection = TRUE;
        }
    } else {
        $secure_connection = FALSE;
    }

    $CI = & get_instance();
    if (!$secure_connection) {
        return str_replace("https://", "http://", $CI->config->site_url($uri));
    } else {
        // fallback - .htaccess should cover this - but just to make sure...
        // If we only want the images, js, css, etc. to have https://
        if ($only_images_js_css === true) {
            $needs_ssl = false;
            $extensions_to_check = array(".js", ".css", ".jpg", ".gif", ".png", ".ico");
            foreach ($extensions_to_check as $extension_to_check) {
                if (stristr($uri, $extension_to_check) !== FALSE) {
                    $needs_ssl = true;
                    break;
                }
            }
            if ($needs_ssl === true) {
                return str_replace("http://", "https://", $CI->config->site_url($uri));
            } else {
                return str_replace("https://", "http://", $CI->config->site_url($uri));
            }
        } else {
            return str_replace("http://", "https://", $CI->config->site_url($uri));
        }
    }
}

Is there a better way to do this? (i.e. switch from HTTP to HTTPS) and/or what is wrong with my site_url() and/or force_ssl() functions?

Answer 1

The Problem turned out to be part of my CSS magnification (had been previously modified to allow for some re-configuration of the CodeIgniter folders)

Using the codeigniter Carabiner plugin - cssmin.php was the file of problem.... https://github.com/tonydewan/Carabiner

Answer 2

I am not sure that the issue is related to these functions. They are getting their data from base_url config. If the base_url is not set Codeigniter tries to guess the protocol, domain and path to your installation. I would think it was a server setup issue since Codeigniter uses $_SERVER['HTTP_HOST'] to get the domain/ip.

if ($this->config['base_url'] == '')
{
    if (isset($_SERVER['HTTP_HOST']))
    {
        $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http';
        $base_url .= '://'. $_SERVER['HTTP_HOST'];
        $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
    }
    else
    {
        $base_url = 'http://localhost/';
    }

    $this->set_item('base_url', $base_url);
}