Jump to content

[SOLVED] https for all site except category and subcategory


tinama

Recommended Posts

Hello,

 

I have Windows 7 home premium 64 bit SP1, the latest versions of Mozilla Firefox (50.0.2), Internet explorer (11.0.9600.18524) and Chrome (55.0.2883.75 m), and Prestashop 1.6.1.5.

 

I don't understand why on Chrome, all the URLs about categories and relate subcategories haven't the green padlock, while on Firefox and Internet Explorer both have it.

 

On Chrome, clicking on details, "Valid Certificate" and "Secure Connection" are green both, but in "Mixed Content"

is written what "The site includes HTTP resources".

Indeed looking into source code, all the  URLs ( "<a href="http://www."> ) about categories and subcategories include http://www.  and not  https://www.

All the other pages (homepage, cms pages, product pages, checkout pages, creation account pages, etc.) of the e-commerce have the green padlock on Chrome.

 

How can fix this issue?

Thanks

Edited by tinama (see edit history)
Link to comment
Share on other sites

Hello,

 

I have Windows 7 home premium 64 bit SP1 and the latest versions of Mozilla Firefox (50.0.2), Internet explorer (11.0.9600.18524) and Chrome (55.0.2883.75 m)

 

My e-commerce has been developed with Prestashop 1.6.1.5 version.

 

In Internet Explorer and Firefox both, all the pages of www.prodottibionline.it  have the green padlock (so it's good),

while on Chrome all the categories and subcategories haven't the green padlock (it is not good), because all the URLs linked to the categories and subcategories include http://www.  and not  https://www. (have a look into source code about categories and subcategories pages).

 

Is possible to fix this issue?

Thanks

Link to comment
Share on other sites

I see the following warning message in Chrome:

 

Mixed Content: The page at <HTTPS page> was loaded over a secure connection, but contains a form which targets an insecure endpoint <your_domain>/alimentari-biologici-certificati/?categories_rewrite=&noredirect=1'. This endpoint should be made available over a secure connection.

 

After finding this code, I see the problem is the productSort form. It is being sent over HTTP instead of HTTPS. You should have a look at product-sort.tpl in your theme and make sure the form action is HTTPS. Maybe change the line from something like:

<form id="productsSortForm{if isset($paginationId)}_{$paginationId}{/if}" action="{$request|escape:'html':'UTF-8'}" class="productsSortForm">

to:

<form id="productsSortForm{if isset($paginationId)}_{$paginationId}{/if}" action="{$request|escape:'html':'UTF-8'|str_replace:'http://':'https://'}" class="productsSortForm">
Link to comment
Share on other sites

I opened my theme's folder and found product-sort.tpl file, then opened it and edited as above.

 

In Smarty, I clean the cache and tried also "Force compilation" and Save; so I clean everything on Chrome also (cookie, cache, etc.).

 

Unfortunately the issue is still there.

Edited by tinama (see edit history)
Link to comment
Share on other sites

Sorry, the str_replace function didn't work like I thought it would. Try the following instead:
<form id="productsSortForm{if isset($paginationId)}_{$paginationId}{/if}" action="https://{$request|escape:'html':'UTF-8'|substr:7}" class="productsSortForm">

I tested it on my test site and it worked.

  • Like 2
Link to comment
Share on other sites

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...