Highlighted

Non-secure Edgefonts Server causes browsers to block web sites

Engaged ,
Mar 14, 2020

Copy link to clipboard

Copied

I have run into a bad problem when using Edgefonts.

 

They were originally installed through Dreamweaver onto my Macs with an unsecure http (without the "S") address as their source (instead of from the alternative secure "https://" source) and this is causing blocked access to my websites.

 

I have repeatedly removed the non-secure http version from my files but it persists in reinserting itself in my source code and I desperately need to know how to get rid of that code permanently although I do want to use this particular Edgefont on a web site which I am building.

 

This is the correct source:

<!--The following script tag downloads a font from the Adobe Edge Web Fonts server for use within the web page. We recommend that you do not modify it.--><script>var __adobewebfontsappname__="dreamweaver"</script>

<script src="https://use.edgefonts.net/source-sans-pro:n4,n6,i7,i2,n2:default.js" type="text/javascript"></script>.

 

The source which causes the trouble is the very similar, but thoroughly dangerous:

<script src="http://use.edgefonts.net/source-sans-pro:n4,n6,i7,i2,n2:default.js" type="text/javascript"></script>.

 

The http source needs to be permanently removed from Edgefonts' Servers immediately.

 

 

TOPICS
Browser, Code, Error, Product issue, Publish, Server side applications

Views

695

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Non-secure Edgefonts Server causes browsers to block web sites

Engaged ,
Mar 14, 2020

Copy link to clipboard

Copied

I have run into a bad problem when using Edgefonts.

 

They were originally installed through Dreamweaver onto my Macs with an unsecure http (without the "S") address as their source (instead of from the alternative secure "https://" source) and this is causing blocked access to my websites.

 

I have repeatedly removed the non-secure http version from my files but it persists in reinserting itself in my source code and I desperately need to know how to get rid of that code permanently although I do want to use this particular Edgefont on a web site which I am building.

 

This is the correct source:

<!--The following script tag downloads a font from the Adobe Edge Web Fonts server for use within the web page. We recommend that you do not modify it.--><script>var __adobewebfontsappname__="dreamweaver"</script>

<script src="https://use.edgefonts.net/source-sans-pro:n4,n6,i7,i2,n2:default.js" type="text/javascript"></script>.

 

The source which causes the trouble is the very similar, but thoroughly dangerous:

<script src="http://use.edgefonts.net/source-sans-pro:n4,n6,i7,i2,n2:default.js" type="text/javascript"></script>.

 

The http source needs to be permanently removed from Edgefonts' Servers immediately.

 

 

TOPICS
Browser, Code, Error, Product issue, Publish, Server side applications

Views

696

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Mar 14, 2020 0
Adobe Community Professional ,
Mar 15, 2020

Copy link to clipboard

Copied

Are you using a Template to create your child pages?  Open your Template and check the source code for Edge fonts. 

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 15, 2020 0
Adobe Community Professional ,
Mar 15, 2020

Copy link to clipboard

Copied

Self-populating code could also be coming from a Library Item or a 3rd party extension.

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 15, 2020 0
Engaged ,
Mar 21, 2020

Copy link to clipboard

Copied

I have found the (several) causes and sources of the problem:

 

The fault primarily lies with Microsoft because browsers are seeing an underlying insecure "http" link to a Microsoft server even if the user is replacing it in the Edge Fonts Script with the alternative secure https address.

 

Contamination in my System was coming from several sources:

The Manage Fonts tool was hiding my previously downloaded link to an Edge Font  under its Check-mark symbol;

Templates which I had made included the unwanted MS Script;

and the TMP files were also capturing the unwanted Script and were perpetuating the problem every time that I tested my site through a Web Browser.

 

One huge problem was caused because I had uploaded a new site (on which I am currently working) to my web-hosting company's Server and both Firefox and Safari blocked my access to my own personal website because they perceived the server there to be "insecure".

 

I have now trashed all Templates; and all existing TMP files; and removed the link to Edge Fonts in the Manage Fonts tool and the unwanted re-insertion of the EdgeFonts script into my DW pages has now stopped.

 

The moral of the story seems to be to stay well away from using Edge Fonts until Microsoft can be persuaded to clean up their insecure Servers?

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 21, 2020 0