diff --git a/inc/toolbox.php b/inc/toolbox.php
old mode 100644
new mode 100755
index 7c63fa2..a0bffda
--- a/inc/toolbox.php
+++ b/inc/toolbox.php
@@ -40,8 +40,9 @@ class ToolBox
 		$_REQUEST = array_merge($_GET, $_REQUEST);
 
 		//Add Server Name
+		//FIXME http/https value
 		$sServerName = array_key_exists('SERVER_NAME', $_SERVER)?$_SERVER['SERVER_NAME']:$_SERVER['PWD'];
-		$sAppPath = 'http://'.str_replace('http://', '', $sServerName.dirname($_SERVER['SCRIPT_NAME']));
+		$sAppPath = 'http://'.str_replace(array('http://', 'https://'), '', $sServerName.dirname($_SERVER['SCRIPT_NAME']));
 		$_GET['serv_name'] = $sAppPath.(mb_substr($sAppPath, -1)!='/'?'/':'');
 	}
 
diff --git a/jquery/common.js b/jquery/common.js
old mode 100644
new mode 100755
index 0e4e7cc..2186918
--- a/jquery/common.js
+++ b/jquery/common.js
@@ -490,8 +490,9 @@ function debug(text, bQuery)
 
 function getLoginToken(sPass)
 {
-	if(!window.location.origin) window.location.origin = window.location.protocol + "//" + window.location.hostname + (window.location.port ? ':' + window.location.port: '');
-	return md5(sPass+window.location.origin+window.location.pathname);
+	//if(!window.location.origin) window.location.origin = window.location.protocol + "//" + window.location.hostname + (window.location.port ? ':' + window.location.port: '');
+	var sLocation = (!window.location.origin)?"http://"+window.location.hostname+(window.location.port?':'+window.location.port:''):window.location.origin.replace('https://', 'http://');
+	return md5(sPass+sLocation+window.location.pathname);
 }
 
 function md5(str)