jasonabc Posted January 8, 2006 Posted January 8, 2006 Hi, When I add something to my cart in OSC, I go over to a secure URL. I want this option disabled (I don't want a secure shopping cart). I want the checkout area to be SSL obviously - but not for just adding stuff to my cart. How do I do this? thanks Jason Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix
♥Vger Posted January 8, 2006 Posted January 8, 2006 osCommerce is set up to decide which pages are SSL and which are NONSSL. Pages which are SSL will have to be set to NONSSL in the code on those pages and on the page which links to them. Personally I think having an insecure Shopping Cart is a very bad idea. Vger
jasonabc Posted January 9, 2006 Author Posted January 9, 2006 Personally I think having an insecure Shopping Cart is a very bad idea. Why? There's no personal information in the cart - it's only got store products in it. The store moves over to an SSL connection when users checkout but I don't see any security implications of having a non-secure shopping cart? cheers Jason Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix
♥Vger Posted January 9, 2006 Posted January 9, 2006 Search engines don't spider https pages, but they do spider http pages. If a search engine comes to your site and it's not listed in the spiders.txt file (even if you have Prevent Spider Sessions set to true) then you could end up with a nice search engine listing of shopping cart items tied to a session id. You could also end up with every item in your shop sold out - because a search engine has added them all to a shopping cart. Vger
jasonabc Posted January 9, 2006 Author Posted January 9, 2006 Search engines don't spider https pages, but they do spider http pages. If a search engine comes to your site and it's not listed in the spiders.txt file (even if you have Prevent Spider Sessions set to true) then you could end up with a nice search engine listing of shopping cart items tied to a session id. You could also end up with every item in your shop sold out - because a search engine has added them all to a shopping cart. Vger Ahhh ok - will leave the cart as SSL - many thanks for the heads up! Is the OSC cart being SSL by default a new thing? I did a couple of OSC stores a year or so ago and the cart on those is not (and never has been) secure (not because I changed any settings - that's just how it worked 'out-of-the-box')? cheers Jason Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.