Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Security Warning Only on Mozzila


RonS

Recommended Posts

Whenever I add an item to the cart in Mozilla Firefox I receive the dreaded Security Warning message.

Once I'm in the Cart Contents and I click the "Update" button I receive the dreaded Security Warning message.

 

These messages only appear when I use Mozilla Firefox, it seems to work fine when I'm using IE.

 

Can some one take a look at this for me please...... very frustrating it is.

 

Question: Why is it when you select the Continue Shopping button osc takes you to the https:// and not the http:// address and the lock is not locked? When your in the Cart Contents it is not on the secure address so why go to a secure address? This has also created some frustrating issues for me. As a result I had to remove some items. argh

 

Once I get into the shopping cart and start the Check Out process all seems to work as it should.

 

Anyone have any ideas as to how I messed things up?

 

Check Web Page here link

 

Ron

Link to comment
Share on other sites

This also happens when I use the search function, but only in Mozilla. argh

 

 

Whenever I add an item to the cart in Mozilla Firefox I receive the dreaded Security Warning message.

Once I'm in the Cart Contents and I click the "Update" button I receive the dreaded Security Warning message.

 

These messages only appear when I use Mozilla Firefox, it seems to work fine when I'm using IE.

 

Can some one take a look at this for me please...... very frustrating it is.

 

Question: Why is it when you select the Continue Shopping button osc takes you to the https:// and not the http:// address and the lock is not locked? When your in the Cart Contents it is not on the secure address so why go to a secure address? This has also created some frustrating issues for me. As a result I had to remove some items. argh

 

Once I get into the shopping cart and start the Check Out process all seems to work as it should.

 

Anyone have any ideas as to how I messed things up?

 

Check Web Page here link

 

Ron

Link to comment
Share on other sites

I believe it is most likely caused by

<base href="https://www.store.surfcitycruiser.com/">

on the product info page, this link should reflect http or https depending upon if you have entered an ssl page. Yours is forcing base href to always https somehow.

Link to comment
Share on other sites

I believe it is most likely caused by
<base href="https://www.store.surfcitycruiser.com/">

on the product info page, this link should reflect http or https depending upon if you have entered an ssl page. Yours is forcing base href to always https somehow.

 

Yes, he probably modified the config file in an attempt to solve a different problem.

 

See:

 

http://www.oscommerce.com/forums/index.php?sho...23entry672623

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

WOW you guys are great! I did in fact change some code in the application_top.php file as per another post in here as follows:

From This:

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

To This:

$request_type = (eregi ($HTTP_HOST, HTTPS_SERVER)) ? 'SSL' : 'NONSSL';

Evidently the new code doesn't work very well for Mozilla users? Or perhaps I wrote it in wrong?

As soon as I changed it back to the original code, it seems to work fine, so far.

 

Thanks very much, I can't express my gratitude enough. :thumbsup:

 

Ron

Link to comment
Share on other sites

WOW you guys are great! I did in fact change some code in the application_top.php file as per another post in here as follows:

 

Evidently the new code doesn't work very well for Mozilla users? Or perhaps I wrote it in wrong?

As soon as I changed it back to the original code, it seems to work fine, so far.

 

Thanks very much, I can't express my gratitude enough. :thumbsup:

 

Ron

 

That eregi test is bogus. It only works if you have set other conditions carefully. Read the post I linked.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

  • 2 months later...
Yes, he probably modified the config file in an attempt to solve a different problem.

 

See:

 

http://www.oscommerce.com/forums/index.php?sho...23entry672623

 

I had the same symptoms described here, but I couldn't fiqure out how to apply to my situation, because with my dedicated SSL I was getting the getenv('HTTPS') == 'on' successfully. That is, until I noticed that I was getting an 'on' status from both secure and unsecure servers. So I made the change to line 41 and my errors went away! Almost. :(

 

Now, whenever I click on the Add To Cart button in product_info.php it takes me (incorrectly) to my shopping cart in secure mode. From there, if I update my cart I still get the 'unencrypted connection' error in FireFox. If I got to the shopping cart directly, it is not in secure mode, and everything works properly. The Update button in the shopping cart is doing the same thing...redraws the cart in secure mode. Is there another HTTPS == test somewhere, or what else could be happening?

 

I am so close to having a live site. Any help will be greatly appreciated.

 

thanks,

Ron West

Link to comment
Share on other sites

I had the same symptoms described here, but I couldn't fiqure out how to apply to my situation, because with my dedicated SSL I was getting the getenv('HTTPS') == 'on' successfully. That is, until I noticed that I was getting an 'on' status from both secure and unsecure servers. So I made the change to line 41 and my errors went away! Almost. :(

 

Now, whenever I click on the Add To Cart button in product_info.php it takes me (incorrectly) to my shopping cart in secure mode. From there, if I update my cart I still get the 'unencrypted connection' error in FireFox. If I got to the shopping cart directly, it is not in secure mode, and everything works properly. The Update button in the shopping cart is doing the same thing...redraws the cart in secure mode. Is there another HTTPS == test somewhere, or what else could be happening?

 

I am so close to having a live site. Any help will be greatly appreciated.

 

thanks,

Ron West

 

I found it! Yes indeed, there is another similar test in catalog/includes/functions/general.php. I changed my line #23 from getenv('HTTPS') == 'on' to getenv('SERVER_PORT') == '443' and everything works! Knock on wood.

 

Ron West

Link to comment
Share on other sites

I found it! Yes indeed, there is another similar test in catalog/includes/functions/general.php. I changed my line #23 from getenv('HTTPS') == 'on' to getenv('SERVER_PORT') == '443' and everything works! Knock on wood.

 

Ron West

 

I am sorry to go around this once more, but I am getting a bit confused. I found yet one more occurance of the "unencryted connection" error. This happens when I take the following 3 steps:

 

1. Have products which are configured as date available in the future, and have zero quantity in stock. I have done this is for the purpose of causing the product to display with other new products, while the product infoin the cart shows the date available with ***. Perhaps there is a better way to do this????

 

2. And, I ignore the warning that there isn't sufficient quantity in the shopping cart. Then I proceed to checkout.

 

3. After selecting the shipping method, I am taken again to the shopping cart (because of the zero quantity warning). But this time the shopping cart is an SSL page, and clicking on the Update button gives me the 'unencrypted connection' warning.

 

That's it. I know that I don't need to play with adding in product with zero quantities, but I like to show product that is 'coming soon'.

 

Oh so very close...

 

thanks for any help,

Ron West

Link to comment
Share on other sites

I am sorry to go around this once more, but I am getting a bit confused. I found yet one more occurance of the "unencryted connection" error. This happens when I take the following 3 steps:

 

1. Have products which are configured as date available in the future, and have zero quantity in stock. I have done this is for the purpose of causing the product to display with other new products, while the product infoin the cart shows the date available with ***. Perhaps there is a better way to do this????

 

.

.

.

 

thanks for any help,

Ron West

 

Ok, can someone tell my how the code works in checkout_shipping.php? When you click the continue button it somehow does a check to see if you have something in the cart which is not in stock, or has insufficient quantity. When it sends you back to the cart it is still an SSL page, it's not flipping. This is what is causing the Firefox unencryted connection popup warning for me now.

 

Thank you,

Ron West

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...