Jump to content

Mixed content warning on all HTTPS pages for homepage


Recommended Posts

Hi guys,

I was able to fix the blocksearch related issue on HTTPS pages but I haven't found how to fix the warning related to the home page. Chrome dev tools show this:

 

Mixed Content: The page at 'https://domain.com/contact-us' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http:/domain.com/'. This endpoint should be made available over a secure connection.

 

Any advice please? Thank you in advance.

Edited by aliaspt (see edit history)
Link to comment
Share on other sites

view the source of the contact-us page and locate the form that is using http instead of https

When I view the source of the page, there are plenty of links with http, such as the product in the shopping cart, all categories and subcategories, brands, social media links, etc. Am I looking at the wrong stuff? I get the mixed content error for the home page only.

 

Thank you.

Link to comment
Share on other sites

vekia, I have done that on whynopadlock.com and it showed the following:

 

Insecure <form> call.
Found on line # 1 in file: mydomain.com/contact-us

(Note: Chrome will show a security error for any secure page with an insecure <form> call on the page)

 

I am not entirely sure what it means or how to fix it.

 

Thank you.

 

check your page with https://www.whynopadlock.com/

you will see files that arent loaded via secured protocol

Link to comment
Share on other sites

but the issue reported by whynopadlock everywhere is the same ?

it's important

 

what appears there if you check homepage of your shop?

 

The home page is not https and it gets redirected to http when tested on whynopadlock.

 

I've checked /contact-us, /quick-order, /my-account, /order-history, /identity (i.e., pretty much all HTTPS pages), and they all give the same error on whynopadlock:

Insecure <form> call.

Found on line # 1

 

And Chrome dev tools show:

Mixed Content: The page at 'https://mydomain.com/----' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://mydomain.com/'. This endpoint should be made available over a secure connection.

 

Thank you.

Link to comment
Share on other sites

as I said already, view the source of the contact-us page.  search for <form or action and you will find an insecure UTL there.  it may not start with http or https if it is a relative path

 

its going to look something like this

<form action="/some/insecure/url" >
Link to comment
Share on other sites

 

as I said already, view the source of the contact-us page.  search for <form or action and you will find an insecure UTL there.  it may not start with http or https if it is a relative path

 

its going to look something like this

<form action="/some/insecure/url" >

 

By the source, do you mean right click on the page in a browser and view source or look at the code somewhere?

Thank you.

Link to comment
Share on other sites

 

as I said already, view the source of the contact-us page.  search for <form or action and you will find an insecure UTL there.  it may not start with http or https if it is a relative path

 

its going to look something like this

<form action="/some/insecure/url" >

 

Hey, I think I found it. It appears to be related to the newsletter block.

Link to comment
Share on other sites

The solution I found here (https://github.com/PrestaShop/PrestaShop/commit/15818a849ab1e93222d2b26d52e03777cd7362f6) suggests adding both "false" and "true" to the form action line, but on the forums they suggest adding "true" only. Which is the proper version?

 

Edit: I've added "true" to the line and now I get a green padlock in Chrome.

 

Thank you, bellini13!

Edited by aliaspt (see edit history)
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...