I'm admittedly new to SSL. My impression is that all of the files that hit the given page must come from secure sources. All my image and js files are being rerouted through https.
Is that accurate?
I want to login a user on a splash page that also contains a facebook like and tweet button. The tweet button is written for http and, when I tried to alter the protocol, it stopped working.
How can I get around this?
Twitter has already added SSL-support.
You can include their library like this: https://dev.twitter.com/blog/ssl-support-tweet-button-and-follow-button
Twitter has an FAQ on this. Basically they recommend building your own HTML tweet button. The downside is there will be no total share count displayed.
You could theoretically download all the JS that is used in the tweet button and host them on your own site but if Twitter changes how any of the APIs it uses your implementation would break. You would also likely have to modify the JS files to get them to make the count request over SSL.
This guy has a solution that worked for me: https://www.ibm.com/developerworks/mydeveloperworks/blogs/bobleah/entry/create_a_https_twitter_tweet_button_for_your_web_page_or_blog24?lang=en
I preferred to just use javascript to grab the current page, so in his example, I bypassed the part where a url is passed to twitterPop() and added this line to the beginning of that function:
str=document.URL;
There's no counter but it's better than nothing!
