ssl issue

[Guest]

I recently had a few contributions installed on my site.

Now when going to checkout in Firefox I get a red exclamation on the lock telling me that Warning contains unauthenticated content.

I have used all kinds of tools to try and figure out what content is non ssl but cant figure it out.

 

Can someone look at it and tell what is causing the ssl warning on my checkout page?

 

https://www.connectorsupply.com/catalog/login.php

 

This only is happening in Firefox.

 

Any help would be appreciated.

 

Thanks

[Guest]

Can someone please check the page above with firefox and let me know if there firefox is giving the unsecure content error on yours.

 

Thanks for help.

[MrPhil]

I get taken to a "cookie_usage.php" page. There are no "insecure/unauthenticated content" items on that page. I'm guessing that you're trying to feed me a cookie that my browser security doesn't like (permanent cookie, tracking cookie, etc.).

 

I have used all kinds of tools to try and figure out what content is non ssl but cant figure it out.

Simple. In your browser, View > Page source. Alt-F to search, search for http: and go through each one found. Links to other pages (http://domain/path/file.html,'>http://domain/path/file.html, file.php, etc.) are no problem. Links to in-page content (.css, .js, .jpg, .gif, etc.) are a problem. If it's content on your site, simply find what you need to do to eliminate the http://domain and only output /path/filename. If it's on a different domain, you need to access it with https: instead of http:, or if it's not secure, eliminate it from your secure pages. There are some code snippets floating around this forum on how to check if a page is secure (https: ), and if so, omit insecure links.

[Guest]

I went through everything in the page source.

Nothing looks wrong.

 

The strange thing is that if I turn off images on that page then its fully secure.

But I looked at the list of images in the list on the media tab and it shows all the images comming from https.

 

Someone please help.

THis is my only source of income and this issue will cause business loss.

 

HELP

Joe

[MrPhil]

Odd. Now I get the login.php page. Firefox doesn't say anything about insecure elements, but does warn me it's in "Quirks mode". I tried feeding that page to the W3C validator (http://validator.w3.org) and it went to the cookage_usage.php page (lots of errors there). I took a look through the login.php page source, and don't see any image, JS, or CSS file referred to by http:.

 

I do see some references to http: that might be causing problems:

JS function session_win() goes to http://yourdomain for window.open().

The Advanced Search Results "action" link goes to http://yourdomain, as does the manufacturers box.

 

You might see if temporarily deleting (commenting out) those references, or else changing them to https:, does anything good. If you don't want to go hunting through the PHP code, save the page as a local .html file in your browser. Make sure it's still pointing to image files, etc. on your site, and try displaying it to see if you get the same error. If so, start changing http: to https: in the session_win() and action= and see if that clears up things.

 

Do you have any modifications to osC? Does it normally bring up all those product links and whatnot on the login page? If so, I would have thought that lots of people would be suffering from this problem. If all your images are either explicitly https:, or use the default domain (path/filename), I'm surprised that FF would act differently with and without images on. Since I don't get any warnings about insecure elements on the page (FF 3.6.11), I can't quite reproduce what's happening to you. What FF version is showing this problem?

[Guest]

I found it!!!!!!!!!!!!!!

 

It is the new menu I had installed.

I reverted back to my old columleft.php and it is secure.

 

Now I have to get the people that installed it to fix it.

 

Thanks for your input

 

Joe