We are seeing an insecure content warning in the checkout page (shipping details) in Google Chrome, but not in Safari or Firefox. The only thing I can see in the source is a call to a file inv.cgi that is hard coded http://. It is being called in a javascript function ss_inv_getinfo();
That same function appears in the source on Safari and Firefox as well, but we are not seeing the insecure content warning there. I'm not sure if that's it or if it's something else causing it.
At first I thought it may be somehow related to the fact that I was logged in to the admin as well, so I tried on another computer and got the same error.
And I just confirmed that it is, indeed, the ss_inv_getinfo() function. It also happens if you try to access a regular page using secure ssl protocol. When I manually removed the block of javascript calling the ss_inv_getinfo() function, it no longer throws an insecure warning.
What can I do to fix this? I can't remove this code because it is apparently being added by ShopSite to my pages. How can I fix this error in Chrome?
Insecure content error in Chrome, but not Firefox or Safari
3 posts
• Page 1 of 1
Insecure content error in Chrome, but not Firefox or Safari
by beley » Wed Dec 31, 2014 8:01 am
Brandon Eley
Certified ShopSite Designer
Certified ShopSite Designer
- beley
- Posts: 111
- Joined: Sun Aug 06, 2006 10:05 am
- Location: LaGrange, GA
Re: Insecure content error in Chrome, but not Firefox or Saf
by beley » Wed Dec 31, 2014 8:11 am
Well I thought that it was the script, the more I test it doesn't fix the issue even if I remove ALL scripts from the page. Could it be a bug in Chrome? Anyone else seeing this issue?
Brandon Eley
Certified ShopSite Designer
Certified ShopSite Designer
- beley
- Posts: 111
- Joined: Sun Aug 06, 2006 10:05 am
- Location: LaGrange, GA
Re: Insecure content error in Chrome, but not Firefox or Saf
by beley » Wed Dec 31, 2014 8:46 am
OK figured it out. It's saying there's insecure content on the page, but there really isn't. It's actually a couple of the FORM ACTIONs that point to an insecure page. Which should be OK since they're the site search form and email signup form.
When I hard coded those to both use relative URLs in my template, the error went away.
I'm not sure what changed in Chrome to make it treat http form actions as insecurely loaded content (since they are most definitely NOT loaded yet) but definitely something to check out on your site.
I know they used to give a warning before submitting content to an insecure page, but they've taken it to another level here by marking the entire page as possibly insecure. Wonder how many orders we lost because customers didn't have confidence our site was secure...
When I hard coded those to both use relative URLs in my template, the error went away.
I'm not sure what changed in Chrome to make it treat http form actions as insecurely loaded content (since they are most definitely NOT loaded yet) but definitely something to check out on your site.
I know they used to give a warning before submitting content to an insecure page, but they've taken it to another level here by marking the entire page as possibly insecure. Wonder how many orders we lost because customers didn't have confidence our site was secure...
Brandon Eley
Certified ShopSite Designer
Certified ShopSite Designer
- beley
- Posts: 111
- Joined: Sun Aug 06, 2006 10:05 am
- Location: LaGrange, GA
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 105 guests