Social Bookmark Causes "page contains both secure and nonsecure items" message

[JE2009]

I was having a tuff time figuring out why I was getting the dreaded "page contains both secure and nonsecure items" on secure pages.

I try everything I found on the forum:

- check for absolute links
- make sure you modify googele analytics
_ Script referencing http


Well I finally figure out the problem.

I installed a social bookmark script which ran globally and was causing the message to appear. Found this article that mentioned "why would you want to bookmark a checkout". http://pro-webs.net/blog/2009/08/26/...ckout-suicide/

I installed the script on the footer.php and was being called by alll pages including any secure pages e.g. checkout, my account, contact us.

I am posting it here, so it helps someone else pullilng their hair how to get rid off the dreaded "secure/nosecure items" message. As the article states, it could be a suicide at checkout for your potential customers.



I would like to use the social bookmarking, anyone know how to get around this problem?

[kburner]

I was having a tuff time figuring out why I was getting the dreaded "page contains both secure and nonsecure items" on secure pages.

I try everything I found on the forum:

- check for absolute links
- make sure you modify googele analytics
_ Script referencing http


Well I finally figure out the problem.

I installed a social bookmark script which ran globally and was causing the message to appear. Found this article that mentioned "why would you want to bookmark a checkout". http://pro-webs.net/blog/2009/08/26/...ckout-suicide/

I installed the script on the footer.php and was being called by alll pages including any secure pages e.g. checkout, my account, contact us.

I am posting it here, so it helps someone else pullilng their hair how to get rid off the dreaded "secure/nosecure items" message. As the article states, it could be a suicide at checkout for your potential customers.



I would like to use the social bookmarking, anyone know how to get around this problem?

I am getting the same error in I.E. and not FF. I found it is my social bookmarks. My includes/template/temp/common/tpl_header.php file for bookmarks looks like this....I read your article and not sure what I am suppose to do with these links.

</div></ul>
<div id="bookmark" class="bookmark">

<a rel="nofollow" style="text-decoration:none;" href="http://www.facebook.com/share.php?u=/" onclick="window.open('http://www.facebook.com/share.php?u='+encodeURIComponent(document.title)+'&amp;d=&amp;tag=&amp;u='+encod eURIComponent(location.href));return false;" title="Share this site with your facebook friends"/><img src="http://www.burnerbooks.com/images/facebook.gif" style="padding-bottom:1px;" alt="facebook on burnerbooks"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.yahoo.com/" onclick="window.open('http://myweb2.search.yahoo.com/myresults/bookmarklet?t='+encodeURIComponent(document.title)+'&amp;d=&amp;tag=&amp;u='+enc odeURIComponent(location.href));return false;" title="Share this site with your yahoo friends" onmouseover="schnapp('Yahoo','','http://www.social-bookmark-script.de/img/bookmarks/yahoo_trans_ani.gif',1)" onmouseout="schnipp()"/>
<img src="http://www.social-bookmark-script.de/img/bookmarks/yahoo_trans.gif" alt="Add to: Yahoo" name="Yahoo" width="20" height="20" border="0" id="Yahoo" style="padding-bottom:1px;"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.favit.com/" onclick="window.open('http://www.favit.de/submit.php?url='+(document.location.href));return false;" title="Add to: Favit" onmouseover="schnapp('Favit','','http://www.social-bookmark-script.de/img/bookmarks/favit_trans_ani.gif',1)" onmouseout="schnipp()"/>


<a rel="nofollow" style="text-decoration:none;" href="http://digg.com/" onclick="window.open('http://digg.com/submit?phase=2&amp;url='+encodeURIComponent(location.href)+'&amp;bodytext=&amp;t ags=&amp;title='+encodeURIComponent(document.title));return false;" title="Add to: Digg" onmouseover="schnapp('Digg','','http://www.social-bookmark-script.de/img/bookmarks/digg_trans_ani.gif',1)" onmouseout="schnipp()"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.stumbleupon.com/" onclick="window.open('http://www.stumbleupon.com/submit?url='+encodeURIComponent(location.href)+'&amp;title='+encodeURIComponent( document.title));return false;" title="Add to: StumbleUpon" onmouseover="schnapp('StumbleUpon','','http://www.social-bookmark-script.de/img/bookmarks/stumbleupon_trans_ani.gif',1)" onmouseout="schnipp()"/>
<img src="http://www.social-bookmark-script.de/img/bookmarks/stumbleupon_trans.gif" alt="Add to: StumbleUpon" name="StumbleUpon" width="20" height="20" border="0" id="StumbleUpon" style="padding-bottom:1px;"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.google.com/" onclick="window.open('http://www.google.com/bookmarks/mark?op=add&amp;hl=co.uk&amp;bkmk='+encodeURIComponent(location.href)+'&amp;anno tation=&amp;labels=&amp;title='+encodeURIComponent(document.title));return false;" title="Add to: Google" onmouseover="schnapp('Google','','http://www.social-bookmark-script.de/img/bookmarks/google_trans_ani.gif',1)" onmouseout="schnipp()"/>
<img src="http://www.social-bookmark-script.de/img/bookmarks/google_trans.gif" alt="Add to: Google" name="Google" width="20" height="20" border="0" id="Google" style="padding-bottom:1px;"/>


<a rel="nofollow" style="text-decoration:none;" href="http://del.icio.us/" onclick="window.open('http://del.icio.us/post?v=2&amp;url='+encodeURIComponent(location.href)+'&amp;notes=&amp;tags=&amp; title='+encodeURIComponent(document.title));return false;" title="Add to: Del.icio.us" onmouseover="schnapp('Delicious','','http://www.social-bookmark-script.de/img/bookmarks/del_trans_ani.gif',1)" onmouseout="schnipp()"/><img src="http://www.social-bookmark-script.de/img/bookmarks/del_trans.gif" style="padding-bottom:1px;" alt="Add to: Del.icio.us" name="Delicious" border="0" id="Delicious" style="padding-bottom:1px;"/>

</div>

Any suggestions? Thanks, Kim

[gilby]

I was having a tuff time figuring out why I was getting the dreaded "page contains both secure and nonsecure items" on secure pages.

I try everything I found on the forum:

- check for absolute links
- make sure you modify googele analytics
_ Script referencing http


Well I finally figure out the problem.

I installed a social bookmark script which ran globally and was causing the message to appear. Found this article that mentioned "why would you want to bookmark a checkout". http://pro-webs.net/blog/2009/08/26/...ckout-suicide/

I installed the script on the footer.php and was being called by alll pages including any secure pages e.g. checkout, my account, contact us.

I am posting it here, so it helps someone else pullilng their hair how to get rid off the dreaded "secure/nosecure items" message. As the article states, it could be a suicide at checkout for your potential customers.



I would like to use the social bookmarking, anyone know how to get around this problem?

I use the "addthis" button at the start of the breadcrumbs line in \includes\templates\YOUR_TEMPLATE\common\tpl_main_page.php

PHP Code:

<!-- AddThis Button BEGIN -->
    <?php if ($request_type == 'NONSSL') { ?>

Put your custom button code here

<?php } ?>
<!-- AddThis Button END -->

You don't want to bookmark your SSL pages or distract the customer during checkout.
This keeps it off the checkout pages.

[JE2009]

I am getting the same error in I.E. and not FF. I found it is my social bookmarks. My includes/template/temp/common/tpl_header.php file for bookmarks looks like this....I read your article and not sure what I am suppose to do with these links.

</div></ul>
<div id="bookmark" class="bookmark">

<a rel="nofollow" style="text-decoration:none;" href="http://www.facebook.com/share.php?u=/" onclick="window.open('http://www.facebook.com/share.php?u='+encodeURIComponent(document.title)+'&amp;d=&amp;tag=&amp;u='+encod eURIComponent(location.href));return false;" title="Share this site with your facebook friends"/><img src="http://www.burnerbooks.com/images/facebook.gif" style="padding-bottom:1px;" alt="facebook on burnerbooks"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.yahoo.com/" onclick="window.open('http://myweb2.search.yahoo.com/myresults/bookmarklet?t='+encodeURIComponent(document.title)+'&amp;d=&amp;tag=&amp;u='+enc odeURIComponent(location.href));return false;" title="Share this site with your yahoo friends" onmouseover="schnapp('Yahoo','','http://www.social-bookmark-script.de/img/bookmarks/yahoo_trans_ani.gif',1)" onmouseout="schnipp()"/>
<img src="http://www.social-bookmark-script.de/img/bookmarks/yahoo_trans.gif" alt="Add to: Yahoo" name="Yahoo" width="20" height="20" border="0" id="Yahoo" style="padding-bottom:1px;"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.favit.com/" onclick="window.open('http://www.favit.de/submit.php?url='+(document.location.href));return false;" title="Add to: Favit" onmouseover="schnapp('Favit','','http://www.social-bookmark-script.de/img/bookmarks/favit_trans_ani.gif',1)" onmouseout="schnipp()"/>


<a rel="nofollow" style="text-decoration:none;" href="http://digg.com/" onclick="window.open('http://digg.com/submit?phase=2&amp;url='+encodeURIComponent(location.href)+'&amp;bodytext=&amp;t ags=&amp;title='+encodeURIComponent(document.title));return false;" title="Add to: Digg" onmouseover="schnapp('Digg','','http://www.social-bookmark-script.de/img/bookmarks/digg_trans_ani.gif',1)" onmouseout="schnipp()"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.stumbleupon.com/" onclick="window.open('http://www.stumbleupon.com/submit?url='+encodeURIComponent(location.href)+'&amp;title='+encodeURIComponent( document.title));return false;" title="Add to: StumbleUpon" onmouseover="schnapp('StumbleUpon','','http://www.social-bookmark-script.de/img/bookmarks/stumbleupon_trans_ani.gif',1)" onmouseout="schnipp()"/>
<img src="http://www.social-bookmark-script.de/img/bookmarks/stumbleupon_trans.gif" alt="Add to: StumbleUpon" name="StumbleUpon" width="20" height="20" border="0" id="StumbleUpon" style="padding-bottom:1px;"/>


<a rel="nofollow" style="text-decoration:none;" href="http://www.google.com/" onclick="window.open('http://www.google.com/bookmarks/mark?op=add&amp;hl=co.uk&amp;bkmk='+encodeURIComponent(location.href)+'&amp;anno tation=&amp;labels=&amp;title='+encodeURIComponent(document.title));return false;" title="Add to: Google" onmouseover="schnapp('Google','','http://www.social-bookmark-script.de/img/bookmarks/google_trans_ani.gif',1)" onmouseout="schnipp()"/>
<img src="http://www.social-bookmark-script.de/img/bookmarks/google_trans.gif" alt="Add to: Google" name="Google" width="20" height="20" border="0" id="Google" style="padding-bottom:1px;"/>


<a rel="nofollow" style="text-decoration:none;" href="http://del.icio.us/" onclick="window.open('http://del.icio.us/post?v=2&amp;url='+encodeURIComponent(location.href)+'&amp;notes=&amp;tags=&amp; title='+encodeURIComponent(document.title));return false;" title="Add to: Del.icio.us" onmouseover="schnapp('Delicious','','http://www.social-bookmark-script.de/img/bookmarks/del_trans_ani.gif',1)" onmouseout="schnipp()"/><img src="http://www.social-bookmark-script.de/img/bookmarks/del_trans.gif" style="padding-bottom:1px;" alt="Add to: Del.icio.us" name="Delicious" border="0" id="Delicious" style="padding-bottom:1px;"/>

</div>

Any suggestions? Thanks, Kim

Kim,

I still having figure out how to remove the bookmarks for secure pages. Any help from someone else will be greatly appreciated :)

I know is not the right fix, in the meantime, I commented out all the code regarding the social bookmarks. Hope this helps!

JE

[schoolboy]

With the code in the FOOTER, Try overrides... PAGE-SPECIFIC footers...

1. Determine what pages are SSL (eg: login, checkout_shipping)

2. Create folders named with the names of those pages. EG a folder called checkout_shipping in /templates/your_template/templates/

... so you get... /templates/your_template/templates/checkout_shipping/

Take a copy of the ORIGINAL tpl_footer.php and put it in that folder. (ORIGINAL = unedited tpl_footer.php)

/templates/your_template/templates/checkout_shipping/tpl_footer.php

Try it first with "checkout_shipping" to see if what I say works, or if I'm just talking junk...

[mprough]

I agree that no reasoning exists for bookmarking on secured pages overall... but you can do this to eliminate the warning

Code:

<a rel="nofollow" style="text-decoration:none;" href="http://www.facebook.com/share.php?u=/" onclick="window.open('http://www.facebook.com/share.php?u='+encodeURIComponent(document.title)+'&amp;d=&amp;tag=&amp;u='+encod eURIComponent(location.href));return false;" title="Share this site with your facebook friends"/><img src="//www.burnerbooks.com/images/facebook.gif" style="padding-bottom:1px;" alt="facebook on burnerbooks"/>

~Melanie

[kburner]

I use the "addthis" button at the start of the breadcrumbs line in \includes\templates\YOUR_TEMPLATE\common\tpl_main_page.php

PHP Code:

<!-- AddThis Button BEGIN -->
    <?php if ($request_type == 'NONSSL') { ?>

Put your custom button code here

<?php } ?>
<!-- AddThis Button END -->

You don't want to bookmark your SSL pages or distract the customer during checkout.
This keeps it off the checkout pages.

Ok. This worked for me for social buttons. Thank you so much!

But now, My Live Help sidebox is causing secure/nonsecure error!

Thanks, Kim

[mzimmers]

To be precise, the problem is not in the anchors themselves; it's the references to the .gif files on www.social-bookmark-script.de. I copied the files to my server, did a little more clean up, and all seems OK now.

[thedjphat]

I'm using zen cart 1.3.9 (latest at time of post)

I ran into this error when adding the facebook like button to our header - and with the help of a good friend, found a workaround which is very simple, and commonly used procedure:

In INCLUDES/TEMPLATES/(yourtemplate)/COMMON/header.tpl
(in my case at least, I wanted to add the button next to the header, under the login, customization will be required for your solution.)

look for
<!--bof-branding display-->
<div id="logoWrapper">
<div id="logo"><?php echo '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '">' . zen_image($template->get_template_dir(HEADER_LOGO_IMAGE, DIR_WS_TEMPLATE, $current_page_base,'images'). '/' . HEADER_LOGO_IMAGE, HEADER_ALT_TEXT) . '</a>'; ?>

Under this statement - I included some new php which recognizes the http or https state of the page we are on - and if on secure pages, displays an image instead of the facebook like button, dispelling the non secure elements from account pages, but displaying the facebook like button on the home and other http request pages.


<!--bof-facebook like button/secure image-->
<?php
if ($_SERVER['HTTPS']) { ?>
<img src="https://opticalnow.ca/secure.jpg">
<?php
}else{?>
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.opticalnow.ca&amp;layout=standard&amp;show_faces= false&amp;width=200&amp;action=recommend&amp;font=arial&amp;colorscheme=light&am p;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:200px; height:35px;" allowTransparency="true"></iframe>
<?php;
}?>
<!--eof-facebook like button/secure image-->

You will of course, need to modify this to suit your needs - I used a hard link to image over https, which I'm sure could be improved on, but works for what it is intended for. You will also need to change the facebook source code (everything in iframe)

this little script is to direct user's attention to the locked icon at the bottom of the browser, and confirm that the page is secure.

[DrByte]

Using $request_type is much more reliable than $_SERVER['HTTPS'].