Base HREF https issues

[mprough]

How deep does the rabbit hole go?....when on the login page, which should be secure I see a base href of

Code:

<base href="http://www.sourcetech.co.uk/shop/" />

when ti should be

Code:

<base href="https://www.sourcetech.co.uk/shop/" />

That is causing all of the stylesheets and images on the page to be called unsecure on the secure page.

If your ZC is configured properly, the base url should change dynamically.

includes/configure.php

secure checkout set to true?


admin/includes/configure.php ssl catalog false?

~Melanie

[barco57]

exactly my point, it isn't changing correctly.

[mprough]

<base href="http://www.sourcetech.co.uk/shop/" /> this may cause CSS problems, but it is a secure link as its an absolute link to the same domain... not an external link.

~Melanie

[barco57]

You can not call stylesheets and images unsecure into a secure page even if it is the same domain. Use firefox and check the dependencies on the page. I troubleshoot these issues everyday. once those are cleared up the page will work.

[mprough]

Hmmmm...

So why is it not switching correctly then.

Check these settings...

includes/configure.php

Code:

define('HTTP_SERVER', 'http://www.sourcetech.co.uk');
define('HTTPS_SERVER', 'https://www.sourcetech.co.uk');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

admin/includes/configure.php

Code:

  define('HTTP_SERVER', 'http://www.sourcetech.co.uk);
  define('HTTPS_SERVER', 'https://www.sourcetech.co.uk');
  define('HTTP_CATALOG_SERVER', 'http://www.sourcetech.co.uk');
  define('HTTPS_CATALOG_SERVER', 'https://www.sourcetech.co.uk');

  // secure webserver for catalog module and/or admin areas?
  define('ENABLE_SSL_CATALOG', 'false');
  define('ENABLE_SSL_ADMIN', 'false');

~Melanie

[mprough]

And this I don't think is going to fly

Code:

<script language="javascript" type="text/javascript"><!--
function session_win() {
  window.open("http://www.sourcetech.co.uk/shop/index.php?main_page=info_shopping_cart","info_shopping_cart","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus();
}
//--></script>

I don't think this will work... I actually had to make a way to use a lightbox script I wanted, but on SSL pages it would not stop making errors... So since it isn't used on SSL pages, now its not included.

Also, your shopping cart page is SSL and should not be, this is likely a config error.

~Melanie

[barco57]

I would be curious to see what the following line in includes/templates/iC_AthemeV1.3/common/html_header.php looks like:

Code:

<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER . DIR_WS_HTTPS_CATALOG : HTTP_SERVER . DIR_WS_CATALOG ); ?>" />

If this has been changed to a hard coded url it would exhibit this behavior

[mikebackhouse]

Hi Drbyte.. Who's the hosting company? We are!! We have our own webserver in a rack locally

I was wondering about the base HREF=http: etc.. I presume this has been the issue, but no idea how to change it!

[mikebackhouse]

Hi Drbyte.. We have our own webserver in a rack locally, so host our own websites. Which is both handy and annoying all at the same time!

I was wondering about the base HREF=http: etc.. I presume this has been the issue, but no idea how to change it!

Checked the 2 config files, definately ok

Checked the html_header.php and that lines definately ok thanks

Shopping cart IS SSL, but definately isnt causing the problem, because I was having these problems before setting that to SSL. That said, I'll change it back anyway

Cant find the javascript which is causing the problem, I would love nothing more than to remove that! I'll carry on the hunt!!

Code:

<script language="javascript" type="text/javascript"><!--
function session_win() {
  window.open("http://www.sourcetech.co.uk/shop/index.php?main_page=info_shopping_cart","info_shopping_cart","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus();
}
//--></script>

[Website Rob]

Things I have noticed.

- SSL Cert is issued to sourcetech.co.uk
- site does not work without the 'www' in the URL
- invalid characters in JS starting at line 96 of page output
);
//îòñëåæèâàíèå äîïîëíèòåëüíûõ ýëåìåíòîâ
//addListener(document.getElementById('element-id'),

Fixing all of the above will help to sort out some or even a lot, of problems.