non secure pop up

[Ingo Bingo]

When a customer logs into my site fully ssl secured on the cart & log in etc & then moves to the unsecured site to shop, they get a pop up warning this is unsecure & details may not be safe, this is causing concerns with customers, i have noticed on other os commerce shops when this happens, no pop up appears, how can i kill it?

 

Ingo

[AlanR]

how can i kill it?

<{POST_SNAPBACK}>

Simple answer:

 

You can't. Nor should you be able to, it's out of your control, it belongs to the user and their browser.

 

It's a browser function. Most browsers have options for security settings and that's one of them, something like "Warn me when I move from a Secure to a Non Secure Area".

 

If you set those tightly enough there's no site that won't throw up warnings. Your credit card website, your bank and so on.

[Ingo Bingo]

I understand that, but it happens on my machine with no change in the microsoft settings

 

Ingo

[AlanR]

I understand that, but it happens on my machine with no change in the microsoft settings

 

Ingo

<{POST_SNAPBACK}>

Want to give us a link to the site? You probably have some other problem.

[Ingo Bingo]

Want to give us a link to the site? You probably have some other problem.

<{POST_SNAPBACK}>

 

www.postlenses.co.uk

 

cheers ingo

[AlanR]

I don't get any warnings with my browser (FireFox) but I noticed a double // here:

 

://sslrelay.com/secure1st.co.uk/secure1st/postlenses//catalog/login.php

 

See it, before catalog? Better fix that and see if anything changes.

 

You probably have a slash at the end of the https url.

 

oops, the forum squishes urls so I took off the https.

[Ingo Bingo]

I don't get any warnings with my browser (FireFox) but I noticed a double // here:

 

://sslrelay.com/secure1st.co.uk/secure1st/postlenses//catalog/login.php

 

See it, before catalog? Better fix that and see if anything changes.

 

You probably have a slash at the end of the https url.

 

oops, the forum squishes urls so I took off the https.

<{POST_SNAPBACK}>

 

ANY OTHER IDEAS???

 

Please

[Guest]

Works just fine for me (IE6) .... absolutely nothing wrong :P

 

Matti

[Ingo Bingo]

Works just fine for me (IE6) .... absolutely nothing wrong  :P

 

Matti

<{POST_SNAPBACK}>

 

Seems bizare, i have several customers who have created an account & then left the site because this non secure pop up appears on the screen when they go back into the shop to select a product to purchase

 

Ingo

[Ingo Bingo]

mods please close & delete

 

many Thanks

 

Ingo

 

Seems bizare, i have several customers who have created an account & then left the site because this non secure pop up appears on the screen when they go back into the shop to select a product to purchase

 

Ingo

[Guest]

Simple answer:

 

You can't. Nor should you be able to, it's out of your control, it belongs to the user and their browser.

 

actually you can and its very easy to do, basically in the tep_href_link function of html_output.php you do

	if( tep_session_is_registered('customer_id') ) {
  $connection = 'SSL';
}

 

And so if a customer is logged you always process secure pages. In case you want to do that.

[bkellum]

actually you can and its very easy to do, basically in the tep_href_link function of html_output.php you do

	if( tep_session_is_registered('customer_id') ) {
  $connection = 'SSL';
}

 

And so if a customer is logged you always process secure pages. In case you want to do that.

Mark,

 

This is a perfect fix for browsers such as Firefox that have an issue with going from a secure page to a non-secure page to prevent the security warning message "Although this page is secure, blah blah blah".

 

I did something similar to an older site and totally forgot about this option. Thanks!