Announcement

**Bruce** · 13-Apr-2007, 06:34 PM

Does the bounce happen if you use any other browser?

Kind regards,

**doug selby** · 13-Apr-2007, 09:01 PM

Hi Bruce, thanks for your reply.
I cannot replicate the problem in firefox, and my mac friends tell me all is well in safari.
The browser seems to hang in the cgi, as I am left looking at a blank window, with a url;

Code:

http://www.domain.co.uk/cgi-bin/ca000002.pl?ACTION=SSLBOUNCE&URL=https%3a%2f%2fsecure%2edomain%2eco%2euk%2fcgi%2dbin%2fos000002%2epl%3fACTION%3dStart&REFPAGE=http%3a%2f%2fwww%2edomain%2eco%2euk%2f&ACTINIC_REFERRER=http%3a%2f%2fwww%2emedscope%2eco%2euk%2f&REFPAGE=http%3a%2f%2fwww%2edomain%2eco%2euk%2f&ACTINIC_REFERRER=http%3a%2f%2fwww%2edomain%2eco%2euk%2f

A process of elimination reveals that the relevant security setting is "Allow active scripting". If this is disabled, the checkout does not load.
I am really hoping I'm missing something obvious here. Does anyone else have this problem with Internet Explorer high security settings, secure socket layer and scripting?

**Bruce** · 16-Apr-2007, 01:44 PM

Scripting needs to be allowed else a lot of the site would not work. Have you tried adding the website address to the 'Exceptions' and then check to see if the same happens. Perhaps other users who have come across this issue could comment as to what they think could be causing this.

Kind regards,

**doug selby** · 16-Apr-2007, 02:13 PM

It's true, Bruce, that without scripting the dropdown menus don't display, but this shouldn't affect the CGIs on the server side, and indeed Quick Search and Add to Cart work fine.
Adding the domain to the 'Trusted Sites' list on the IE Security tab does allow the bounce to the checkout to complete, and I will recommend that my customers do this, but I am sure this is costing me sales.
It seems to me that this is a replicable problem (my two sites here are on very different hosts). Please, does anyone else have this problem with Internet Explorer high security settings, the secure socket layer bounce to checkout and the 'allow active scripting' setting?
In fact, I would like to hear from anyone using SSL on their checkout pages, so I can see a site that works!

**Mike Hughes** · 16-Apr-2007, 04:22 PM

Seems to work on mine: www.firsttackle.co.uk

Mike

**doug selby** · 16-Apr-2007, 04:52 PM

I'm sorry, olderscot, but it doesn't. Your site also fails to a blank page;

Code:

http://www.firsttackle.co.uk/cgi-bin/ca000001.pl?ACTION=SSLBOUNCE&URL=https%3a%2f%2fwww%2efirsttackle%2eco%2euk%2fcgi%2dbin%2fos000001%2epl%3fACTION%3dStart&REFPAGE=http%3a%2f%2fwww%2efirsttackle%2eco%2euk%2facatalog%2fBass_bags%2E]ehtml&ACTINIC_REFERRER=http%3a%2f%2fwww%2efirsttackle%2eco%2euk%2facatalog%2fBass_bags%2ehtml&REFPAGE=http%3a%2f%2fwww%2efirsttackle%2eco%2euk%2facatalog%2fBass_bags%2ehtml&ACTINIC_REFERRER=http%3a%2f%2fwww%2efirsttackle%2eco%2euk%2fcgi%2dbin%2fca000001%2epl

when going from the cart to the checkout with browser security set to high. This is from at least two machines in different locations, IE 6 & 7 under WinXP. I am confident you will be able to replicate this yourself.

Thanks for your response there anyway, Mike. Is your site 7.05?

Does anyone else have a site which might display a similar issue please? I should like to see, for example, a site done in 7.06 as well.

**Mike Hughes** · 17-Apr-2007, 08:27 AM

I see what you mean. It's strange because it only happens from the view cart page. Going through checkout from anywhere else doesn't cause the problem.

I don't know why we have ssl bounce here anyway. The normal checkout path goes to the first page without ssl and then only uses ssl after the 'next' button and this works fine without any bounce.

7.0.5 ?

No, I'm still on 6.1.5. I will move to V8 when I can find time, but there's just too much stuff happening at the moment.

Mike

**Mark H** · 17-Apr-2007, 08:30 AM

HMMM - I have a problem with an old background colour which flashes up when you go to checkout from the cart, but not from anywhere else on the site - I'm thinking of replacing the checkout link in the cart page with the same one used elsewhere in the site - this might solve your problem too.

**Bruce** · 19-Apr-2007, 06:19 PM

Checking out from the Cart page bounces you the the cart manager script then onto the checkout page.

I just tried something here that seems to do away with the bounce..

Edit Act_ShoppingCart.html with an editor like notepad or Dreamweaver..

search for '<Actinic:REMOVE TAG="CheckoutButton">'

below this, depending on the theme being used you should see one of the following lines of code.

or

<Actinic:REMOVE TAG="CheckoutButton">

<INPUT TYPE="IMAGE" NAME="ACTION_BUYNOW" SRC="checkoutnow.gif" ALT="NETQUOTEVAR:CHECKOUTBUTTON">

Place an a href tag around the line of code ( In the second example it would be around whichever line is uncommented..) like this...

You will need to change the script ID number to whatever you have in your network settings area..

Save and update the site. Please make a backup of the template before editing. The above will do away with the bounce and take you straight to the checkout.

Kind regards,

**doug selby** · 05-May-2007, 08:07 PM

Hi Bruce, thanks for your answer. Unfortunately, it doesn't quite work, as you can see on my test site, blood-pressure-monitor-online dot co dot uk.

It seems that both IE 6 & 7 submit the form, rather than the link. I have included a straightforward image (of the checkout now gif) within the 'a' tag, and this works. (localhost didn't, but an absolute or relative link is fine).

There is no SSL on this test domain yet, but I will try replacing the form buttons with images, linked as you suggest, in the live site and report back.

**doug selby** · 14-May-2007, 06:39 PM

Well, I tried this on the medscope live site tonight, and found another showstopping problem.

The secure pages on this site reside on a subdomain, secure.medscope.co.uk, and using a straight link as Bruce recommends causes firefox to drop the shopping cart contents as it leaves the www subdomain.. This is almost as bad the original SSL bounce issue!

This problem is demonstrated on the test site; medscope.co.uk/acatalog/test/

**doug selby** · 15-May-2007, 01:55 AM

Oh dear.

Further testing reveals that the SSLbounce to checkout fails to a blank screen in all major browsers, if javascript is disabled.

This is true of both the sites in my sig, and the olderscott's firsttackle site.

The checkout button created in the HEADERGUIDE will work, provided that your SSL checkout is on the same domain as the main store. If not, it will offer an SSL bounce which fails without javascript.

The solution offered by Bruce above will likewise work if your domain remains constant into https, but if the domain differs, then only IE will make it past the first https step.

If your SSL checkout is on a different (sub)domain, then Firefox, in the absence of javascript, will drop the cart contents cookie resulting in a 'your cart is empty message', or an old cart contents being used. Opera will produce a general script error.

The bottom line is, for all you people seeing 60% or more drop-out through your SSL checkout, ask yourself; how many of those visitors had javascript disabled, and were dumped to a blank screen?

Can anybody say if this problem still applies in V8?

**doug selby** · 15-May-2007, 01:58 AM

Originally posted by Mark H

HMMM - I have a problem with an old background colour which flashes up when you go to checkout from the cart, but not from anywhere else on the site - I'm thinking of replacing the checkout link in the cart page with the same one used elsewhere in the site - this might solve your problem too.

Mark - Put the background image url into your css, and remove it from design | options. Set the background colour instead.

Announcement

SSLBOUNCE fails under high security

SSLBOUNCE fails under high security

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment