Post by paulnic777 » Tue May 29, 2012 6:30 am

Hi,

I'm getting these errors when i try to check out with SSL switched on:

[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/th ... esheet.css.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... 7.1.min.js.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... tom.min.js.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... custom.css.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... .cookie.js.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... olorbox.js.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... lorbox.css.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... ry/tabs.js.
[blocked] The page at https://www.mysite.co.uk/index.php?rout ... t/checkout ran insecure content from http://www.mysite.co.uk/catalog/view/ja ... /common.js.
The page at https://www.mysite.co.uk/index.php?rout ... t/checkout displayed insecure content from http://www.mysite.co.uk/image/data/logo-1.jpg.
The page at https://www.mysite.co.uk/index.php?rout ... t/checkout displayed insecure content from http://www.mysite.co.uk/image/cache/dat ... -75x75.jpg.
The page at https://www.mysite.co.uk/index.php?rout ... t/checkout displayed insecure content from http://www.mysite.co.uk/catalog/view/th ... -small.png.


I've cleared my system->cache folder as recommended in another similar post but still no joy. Any help is appreciated

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Tcalp » Tue May 29, 2012 10:00 am

If your asking for help, actually provide us with your site so we can see what the problem is, pasting that is no help.

Increase Page Speed (#1 rated commercial extension on OpenCart Marketplace)
15in1 Essential Extensions Value Pack Premium Customer Testimonials Reward Points Extended Admin Security Lockdown Suite

Image
irc.freenode.net #opencart


User avatar
Active Member

Posts

Joined
Wed Jul 06, 2011 1:49 pm

Post by paulnic777 » Tue May 29, 2012 3:50 pm

Hi yes sorry i apreciate it would be easier for you to look at my site, however because this issue is stopping anyone checking out on my site I have had to switch "Use SSL" ogg else i'll get no orders! I suppose i was just looking for some advice as to what i should be looking for that may be causing theese errors.

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Nathasha » Tue May 29, 2012 5:16 pm

Hi

Have you changed the path in config file to https??

New member

Posts

Joined
Wed Nov 09, 2011 1:35 pm

Post by paulnic777 » Tue May 29, 2012 5:26 pm

Yes. The checkout link is showing as https as it should

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Nathasha » Tue May 29, 2012 5:45 pm

Ok see you getting the problem saying you ran insecure content from the css link which is http.

For Https everthing should be secure.

So go to your config under https cahnge it to "https"

// HTTPS
define('HTTPS_SERVER', 'https://'.$server_name);
define('HTTPS_IMAGE', 'https://'.$server_name.'image/');

And preferably do the same for admin config too

New member

Posts

Joined
Wed Nov 09, 2011 1:35 pm

Post by paulnic777 » Tue May 29, 2012 5:51 pm

I have done this

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Nathasha » Tue May 29, 2012 6:21 pm

Did you redirect to ssl using htaccess or in the admin?

have you changed the path anywhere in the template files?

New member

Posts

Joined
Wed Nov 09, 2011 1:35 pm

Post by paulnic777 » Tue May 29, 2012 6:25 pm

no

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by paulnic777 » Tue May 29, 2012 6:34 pm

does every url in all of the stylesheets, js etc have to be https?

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Nathasha » Tue May 29, 2012 6:52 pm

Yes

New member

Posts

Joined
Wed Nov 09, 2011 1:35 pm

Post by paulnic777 » Tue May 29, 2012 6:53 pm

so why are lots of them http? i havent changed them manually and my https variables within my config are both set

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Nathasha » Tue May 29, 2012 8:17 pm

Did you do any changes in htaccess file?

New member

Posts

Joined
Wed Nov 09, 2011 1:35 pm

Post by paulnic777 » Tue May 29, 2012 8:45 pm

a few but nothing that should affect this

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by Nathasha » Tue May 29, 2012 8:53 pm

Can you attach your config file and also your htaccess or mail it to me?

New member

Posts

Joined
Wed Nov 09, 2011 1:35 pm

Post by paulnic777 » Wed May 30, 2012 1:31 am

have done some investigation and looking at lines 6-10 in catalog\controller\common\header.php

if (isset($this->request->server['HTTPS']) && (($this->request->server['HTTPS'] == 'on') || ($this->request->server['HTTPS'] == '1'))) {
$this->data['base'] = $this->config->get('config_ssl');
} else {
$this->data['base'] = $this->config->get('config_url');
}

Even with SSL on and my HTTPS variables correctly set to https:// in my config $this->data['base'] still = http:// not https://

Any ideas what could be causing this?

This if statement will never be true because the $this->request->server['HTTPS'] attribute is always undefined

if (isset($this->request->server['HTTPS']) && (($this->request->server['HTTPS'] == 'on') || ($this->request->server['HTTPS'] == '1'))) {
$this->data['base'] = $this->config->get('config_ssl');

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by paulnic777 » Wed May 30, 2012 3:33 am

Ok - I tested the account login page through a website called whynopadlock.com and these are the results:

Insecure URL: http://www.mysite.co.uk/catalog/view/th ... esheet.css
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... 7.1.min.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... tom.min.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... custom.css
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... .cookie.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... olorbox.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... lorbox.css
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... ry/tabs.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... /common.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/ja ... okielaw.js
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/image/data/My-logo-1.jpg
Found in: https://www.mysite.co.uk/index.php?route=account/login

Insecure URL: http://www.mysite.co.uk/catalog/view/th ... w-down.png
Found in: http://www.mysite.co.uk/catalog/view/th ... esheet.css

Insecure URL: http://www.mysite.co.uk/catalog/view/th ... search.png
Found in: http://www.mysite.co.uk/catalog/view/th ... esheet.css

Insecure URL: http://www.mysite.co.uk/catalog/view/th ... e/menu.png
Found in: http://www.mysite.co.uk/catalog/view/th ... esheet.css

Insecure URL: http://www.mysite.co.uk/catalog/view/th ... uccess.png
Found in: http://www.mysite.co.uk/catalog/view/th ... esheet.css

Anyone got any idea why these urls arent being made https?

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by paulnic777 » Wed May 30, 2012 5:31 am

For anyone who encounters the same issue here is the solution:

The problem was something to do with my hosts server. Opencart looks for this variable:

$this->request->server['HTTPS'] in various files such as catalog\controller\common\header.php

Because of a strange proxy setting with my host this value wasn't present instead i had to use this value:

$this->request->server['HTTP_FORWARDED_SSL']

New member

Posts

Joined
Fri Jul 02, 2010 1:42 am

Post by scanreg » Fri Oct 19, 2012 9:28 pm

paulnic777 wrote:For anyone who encounters the same issue here is the solution:

The problem was something to do with my hosts server. Opencart looks for this variable:

$this->request->server['HTTPS'] in various files such as catalog\controller\common\header.php

Because of a strange proxy setting with my host this value wasn't present instead i had to use this value:

$this->request->server['HTTP_FORWARDED_SSL']
interesting :)

Active Member

Posts

Joined
Thu May 06, 2010 12:15 am

Post by RobinD » Sun Dec 02, 2012 5:39 pm

paulnic777

I reckon I have the same problem.

You say "in various files" - would you mind being more specific?

RobinD

Newbie

Posts

Joined
Sun Dec 02, 2012 5:01 am
Who is online

Users browsing this forum: No registered users and 35 guests