Announcement

Collapse
No announcement yet.

Receipt Completion SSL Security Warning

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Receipt Completion SSL Security Warning

    Hi all, hoping someone can help me here.

    v11.02. I have an SSL certificate applied to checkout pages as we use Google Checkout. Site is secure and fine. On the receipt page, when you click the Finish button and go back to cgi-bin/os000001.pl you are sent back to the site as normal which is not secure. Nothing wrong there. Unfortunately since IE8+ you now get a security warning message ("do you want to view only the webpage content delivered securely?") I know this can be turned off in the browser, but I'm trying to avoid it as I'm worried some customers will panic thinking their information has been compromised. Ive used firefox/firebug so I know all items on the SSL pages are secure using https.

    Any help apprecaited.
    Thanks
    Justin
    Tags: os000001.pl, security warning, ssl
    #2
    Not sure I understand what your problem is.

    If you're using SSL shouldn't the customer be going to the receipt page on SSL?

    Mike
    -----------------------------------------

    First Tackle - Fly Fishing and Game Angling

    -----------------------------------------

    Comment

      #3
      Hi Mike, yep, that's right. All is okay on receipt page. It's secure. It's when they click the Finish button to return to the site that I get the warning.

      Comment

        #4
        ah, right. Now I understand.

        What's the link on the finish button doing? Is is it going to https or just http? IIIRC everything in Actinic is complete once the receipt page has been displayed so you could always just create your own button and comment out the Actinic one if it's causing any problems.

        Mike
        -----------------------------------------

        First Tackle - Fly Fishing and Game Angling

        -----------------------------------------

        Comment

          #5
          Thanks for your help Mike.

          When you click finish on the receipt page it goes back to https://<site>/cgi-bin/os000001.pl which then says "your cart is empty blah blah" and after a few seconds automatically redirects you to the last product you were viewing which is back on the http site.

          The problem is even if I put a manual link going to the homepage it's going from an https to an http and causing IE8 to give this annoying warning.

          I've triple checked everything on the SSL pages (including receipt page) and all items are https.

          Comment

            #6
            The odd thing is that the message should only be show when there's unescured content on a secure page. So sending the customer to a standard http page should make sure it doesn't get shown.

            Did you try changing the finish button so it goes directly to an http page?

            Mike
            -----------------------------------------

            First Tackle - Fly Fishing and Game Angling

            -----------------------------------------

            Comment

              #7
              Hi Mike.

              I did as you suggested and added a manual link to our homepage (http) on the receipt page, replacing the default 'Checkout Done' button code. This seems to have done the trick. Can't understand why the original actinic method is causing that message as there is no security violation, but I think it might be a 'Microsoftism' more than anything else as it's only in IE8 onwards. All other browsers (Firefox, Opera, Safari, Chrome etc.) are okay.

              Thanks again for your help.
              Justin

              Comment

              Previous template Next
              Working...
              X