Why is my HTTPS form posting to the HTTP page?

LLLLLLL · May 9, 2012

If I'm on https://myserver.com/test.php, why is this form posting to the HTTP version of the page?

<form method="post" action="test.php?step=1">
<input type="text" name="email">
<input type="submit" name="submit">
</form>

I can hard-code the full path in the action, but that seems unnecessary.

Further, I have some pages where it posts to HTTPS first (as I expect). Why would it go to one versus another?

requinix · May 9, 2012

Because there's something else going on.

Or in other words, not enough information. Is this online somewhere we can see?

LLLLLLL · May 9, 2012

(sent a private message with URL)

LLLLLLL · May 10, 2012

The only additional information I have is that based on browser settings, a user might get "although this page is encrypted the information you have entered is to be sent over an unencrypted network."

This still doesn't make sense. It is an HTTPS page with a relative URL. How can it be posting as HTTP? Ugh.

LLLLLLL · May 10, 2012

The answer here was that there was a <base> element on the page that I forgot about. This <base> tag had the href in HTTP, not HTTPS. Eh voila.

Sign In

Why is my HTTPS form posting to the HTTP page?

Recommended Posts

LLLLLLL

Link to comment

Share on other sites

requinix

Link to comment

Share on other sites

LLLLLLL

Link to comment

Share on other sites

LLLLLLL

Link to comment

Share on other sites

LLLLLLL

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information