annoying popups about non secure content

**this side up** · 21 Feb 2012, 08:28 AM

Just finished upgrading from 1.3.8 to 1.5.

Has anyone else experienced this: When going to cataloge, I get annoying popups about non secure content. This also happens on the product update pages every time it is called.

As far as i remember only the admin - login page was ssl on 1.3.8?

Only add on installed is the FKEditor: Ive compared source views and cannot see any images etc that are being called from HTTP. All are https. (that ive seen).

Not a big deal, but it would be nice to click a little less.
Also is there a way to extend the current 15 minutes inactive login count ...to say 30 minutes?

Thx

**this side up** · 21 Feb 2012, 02:31 PM

Not to worry, apologies - i found the answer to my question here: http://www.zen-cart.com/forum/showthread.php?t=192039

It seems the default install when selecting https as active applies it to all the admin pages.

: It's recommended that the Admin section be secure on all pages, but there is a setting in the configure file to allow an overide so that only the login page is https.

I would prefer to have all pages https as recomended, but the images seem to be causing errors.

**frank18** · 21 Feb 2012, 03:46 PM

Originally Posted by this side up

......

I would prefer to have all pages https as recomended, but the images seem to be causing errors.

Store-internal images should be called as relative links (not hard coded). This way they will not produce errors on SSL pages.

Images stored on other sites (eg PayPal, The Find etc) need to be called using https - not http

To find the culprits, open a secure page which gives you the error(s) and then view the source. In the source do a search for 'http://' (minus my quotes) and see what comes up. Then change the hard coded image links which come from external sites to 'https://'

**this side up** · 22 Feb 2012, 12:53 PM

Thanks Frank18. I found the images thats causing the problem, but i'm not sure how to fix it. On the Admin catalog and product update/product update confirm pages it seems the images that that are not secure are all my product images and the language icon (GB). When I select to display only content that is secure, it is these images that don't display and visa versa.

This is not somthing I would expect under normal admin cart administration.

**frank18** · 22 Feb 2012, 03:21 PM

Please post a link to your site - or PM me the link.

**DrByte** · 23 Feb 2012, 04:50 AM

Sounds like your admin's configure.php file contains incorrect settings for HTTP_CATALOG_SERVER, HTTPS_CATALOG_SERVER, DIR_WS_HTTP_CATALOG, DIR_WS_HTTPS_CATALOG, ENABLE_SSL_CATALOG.

**this side up** · 23 Feb 2012, 11:26 AM

Thank you so much to both. The problem is resolved.
The issue was the result of 2 problems.

1 - Incorrectly set admin configure file.
2 - FKEditor calls a script from a non secure page on google.

<script type="text/javascript" src="http://www.google.com/jsapi"></script> in the ckeditor.php file for the CKEditor module.

I have changed the http: to https:.
I hope that this has no unforseen consequances, but for now it seems to be functioning as it should.

Thanks