frshjb373 Posted September 18, 2013 Share Posted September 18, 2013 I'm not sure if this is the best place to post this issue, but any help is much appreciated. We have a form on our Magento site, that when submitted on Firefox, prompts the following security warning: Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.Are you sure you want to continue sending this information? I have contacted our hosting and they explained it's an issue with the code, "you would typically getting a notice like that if you're calling assets over an http on a page that is using https." If anyone has any insights as to how to avoid this from a development perspective, please let me know. Thank you in advance for the help! Quote Link to comment https://forums.phpfreaks.com/topic/282262-form-submission-prompts-encryption-message-on-select-browsers/ Share on other sites More sharing options...
mac_gyver Posted September 18, 2013 Share Posted September 18, 2013 apparently, your form page is via https://somedomain/somepage.php, but the action attribute that the form submits to is just http (no s.) to avoid the warning both must be the same protocol. if your form page is critical enough to need the https protocol, the data it submits does too. Quote Link to comment https://forums.phpfreaks.com/topic/282262-form-submission-prompts-encryption-message-on-select-browsers/#findComment-1450159 Share on other sites More sharing options...
frshjb373 Posted September 19, 2013 Author Share Posted September 19, 2013 So the action looks like the following: action="<?php echo $this->getUrl('ccfp/form') ?>index" This is what it looks like in source code in browser: action="http://www.domain.com/ccfp/form/index" We are using Magento, but I can't figure how to manipulate the dynamic code to be an https rather than http. Thank you for the help. Look forward to hearing back if anyone has additional info. Quote Link to comment https://forums.phpfreaks.com/topic/282262-form-submission-prompts-encryption-message-on-select-browsers/#findComment-1450291 Share on other sites More sharing options...
AbraCadaver Posted September 19, 2013 Share Posted September 19, 2013 I have no idea about Magento but I just did a quick magento getUrl( Google search and came up with possibly the _secure parameter. So maybe: getUrl('ccfp/form', array('_secure' => true)) Just a guess based on the docs. There is also a _forced_secure. Quote Link to comment https://forums.phpfreaks.com/topic/282262-form-submission-prompts-encryption-message-on-select-browsers/#findComment-1450292 Share on other sites More sharing options...
frshjb373 Posted September 19, 2013 Author Share Posted September 19, 2013 I tried that as well and also tried the "_forced_secure", but no go. Wondering if there's something in the htaccess I can manipulate to actually change the url. Let me know if you can think of anything else and thanks for the help! Quote Link to comment https://forums.phpfreaks.com/topic/282262-form-submission-prompts-encryption-message-on-select-browsers/#findComment-1450295 Share on other sites More sharing options...
Solution frshjb373 Posted September 19, 2013 Author Solution Share Posted September 19, 2013 Wow, I'm an idiot...I had our site bookmarked in Firefox as https://www.domain.com...so the browser changes all pages to do the same. However, when i type in "domain.com" and navigate to form, it works just fine. A lot of wasted time for nothing. Nonetheless, thank you for the advice. I appreciate it. Quote Link to comment https://forums.phpfreaks.com/topic/282262-form-submission-prompts-encryption-message-on-select-browsers/#findComment-1450321 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.