Firefox SSL security warning

[paul3648]

I've just been looking at a few other ZC sites, and it seems that links to products are always on HTTP, so I guess I should hard-code my custom links to HTTP, right?

That way the customer will always view the product details on a non-secure page. Is that how ZC is designed?

[Kim]

Paul - example of this problem?

[paul3648]

Paul - example of this problem?

You can see it on almost any ZC site. Go to one of the product description pages - add an 's' to the URL so that you're viewing it on https, then click the "add to cart" button and you will get the warning. Firefox only - no warning in IE.

[Website Rob]

Although I was able to duplicate what paul3648 was saying, I don't see the problem?

As product pages do not use an SSL connection anyway, as it would slow down the Visitor's Browsing, when would this situation be a problem?

[paul3648]

Perhaps I am the only one this will affect, because I've created a box of product links on my home page that link directly to the product description page. I've done this because I want product links above the fold, and I also want the content of my home page.

http://www.teafromtaiwan.com

So I'm guessing that I can simply hard-code my product links to http and that should be OK. Right?

[Website Rob]

So I'm guessing that I can simply hard-code my product links to http and that should be OK.

Not sure I understand the question? Your site does not use an 'https' connection for the product pages. In fact, I don't see any places other than the usual ones that use an 'https' connection.

[paul3648]

As I mentioned above, when a customer follows this sequence at my site, the product description page will be delivered on https:

1. Log in
2. Follow one of my custom links to a product page.

The custom links are coded into the define file for the main page as relative links. So I think I should change them to absolute links to resolve this problem.

I guess I shouldn't even be mentioning this... I guess no-one else will lay out their site in this manner.

I think I can just hard code the links to http, since that seems to be the standard way to reach a product description page.

Right?

[KenMar]

How do you get your "Forms Submission" to have a https and not http URL?

I have 2 that seems to be a problem and thus not showing a fully secure:

From FireFox page info:

blablabla/index.php?main_page=advanced_search_result
blablabla/index.php?main_page=account_edit
Thanks

[ironwoodknives]

Funny, it is now 2009! and this is STILL BROKEN! Unbelievable that 2 years later I just enabled SSL on Zen and it is driving me crazy as EVERY PAGE that has ssl enabled is popping up this message. It is the dumbest thing I've ever heard of, this whole thread is dumb, JUST FIX THE DAMN BUG and quit saying "ITS NOT A BUG" of course its a BUG if it annoys the hell out of me and my customers and conversely YOUR CUSTOMERS then it is a BUG and needs to be fixed BY YOU so that I am not forced (again 2 YEARS LATER) to have to go through EVERY damn form within YOUR application and do your job for you by modifying the code.

stupid stupid stupid


Did I say it was a BUG? I meant it is FEATURE THAT SUCKS!

My 2 cents
Thanks, Jarrett Neil Ridlinghafer
Take a look http://www.ironwoodknives.com try adding anything to your cart then going through the checkout process and tell me that is not a bug....if its not fixed by then

Glad we are on the same page now, my original question in this thread was asking just that question:

Glad to hear it is something that will be addressed in a future release. I really don't know if getting the warning would scare off a customer, it was just something I happened to notice and thought it might be worth addressing.

In the meantime I will just go through all the templates manually and modify them so the warning does not happen. They can always be used again in future ZC projects.

Thanks for the discussion.

[ironwoodknives]

Hi, Just edit the /includes/config.php file and where it says SSL_Enabled change from 'false' to 'true'

It may not be that exact line but it is like the third section down and you will see, it is where all the SSL and HTTPS sections are found, make sure the https://yourwebsite name is all correct and not commented out also.

I hope that was what you were asking?

--Jarrett

How do you get your "Forms Submission" to have a https and not http URL?

I have 2 that seems to be a problem and thus not showing a fully secure:

From FireFox page info:

blablabla/index.php?main_page=advanced_search_result
blablabla/index.php?main_page=account_edit
Thanks