Don't redirect at confirmation page continue

[Kaiser Soze]

When a customer completes their checkout a "congratulations" page is displayed. There is a continue button on it that, when pressed, takes the user back to the default.php page. The congratulations is displayed via https & when the redirect takes place, the user gets a warning message that tells them they are being _redirected_ to a non-secure site.

 

The fix is to non redirect. Shouldn't the action for the "congrats" form point to default.php?