Caffeinated Simpleton

Disqus over HTTPS

I re-enabled Disqus on this site this morning. It went relatively smoothly with a nifty little tool to follow the redirects I set up in my last post and migrate the old comments over.

However, I’m running this over SSL because everything should be run over SSL and especially blog comment systems that have your logged in user state to whatever account you use for Disqus. When I first installed Disqus it didn’t work at all, with Chrome telling me that it had blocked the attempt to load the Disqus JavaScript from an insecure domain.

The rest of the internet and Disqus’s own help site suggest that they don’t support SSL in Disqus 2012, but in fact they do. This is all that’s needed to enable SSL for your Disqus plugin.

diff --git a/_layouts/post.html b/_layouts/post.html
 /* * * DON'T EDIT BELOW THIS LINE * * */
 (function() {
    var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;
-       dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js';
+       dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js';
    (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
 })();
</script>

Since this doesn’t seem to be officially supported, as it’s not documented, I have no idea if it will just stop working at some point. Hopefully not!

comments powered by Disqus