If I go to a https page on our site, everything is fine. But when I click on a http page from a https page, the url stays https. This causes some problems with various sections of our site. I don’t know if this is a bug.
Is there a way to “force” http pages to use http urls even if the user navigates from a https pages?
The only way would be to hardcode every non-SSL url from the https pages to be “http://PLUS FULL URL PATH”. Even though the urls show “https” from SSL pages, they do redirect properly to a non-SSL (http) page. You’ll also notice that from http pages all urls are http and none are https.
[quote name=‘adodric’]The only way would be to hardcode every non-SSL url from the https pages to be “http://PLUS FULL URL PATH”. Even though the urls show “https” from SSL pages, they do redirect properly to a non-SSL (http) page. You’ll also notice that from http pages all urls are http and none are https.[/QUOTE]
Actually, it’s not correct that you have to use an absolute path. There is another way to cause http pages to always show as http pages even when coming from a https page … I just don’t recall the code.
And I just checked my 1.3.5 site and this was not a problem. So it must be a bug in 2.x. And I can’t seem to track down the page that had this code in the 1.3.5 site.
Some of my http pages do not display correctly if the url is https. So I need to correct this.
[quote name=‘knoxbury’]Actually, it’s not correct that you have to use an absolute path. There is another way to cause http pages to always show as http pages even when coming from a https page … I just don’t recall the code.
And I just checked my 1.3.5 site and this was not a problem. So it must be a bug in 2.x. And I can’t seem to track down the page that had this code in the 1.3.5 site.
Some of my http pages do not display correctly if the url is https. So I need to correct this.[/QUOTE]
I’m not sure what code you are referring to, but normally for a link from an https page to go to a http page, it would have to be linked as http://blahblahlinkstuffhere. I think the code you’re thinking about is the CS Cart function code that they implemented. This is not the way it works on a normal website.
CS Cart handles links differently, they are passed through an SSL check function, if the page is meant to be secure then it redirects it to https, otherwise it redirects it to http. Since your pages are remaining https and not changing to http, then this is a bug. That should not be happening. I missed that in your original post.
Edit: CS Cart uses a header redirect to change the page from https to http. If there is any sort of actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP, then the redirect will not work and the page will be shown as https. If you’ve made any changes to your code recently, perhaps in an area that can affect all pages, like an include or some output for all pages, then you should remove those changes.
[quote]If you’ve made any changes to your code recently, perhaps in an area that can affect all pages, like an include or some output for all pages, then you should remove those changes.[/quote]
I haven’t made any changes recently that would affect all pages.
After some more testing, it appears that this only happens with “Pages”, not with products, categories, etc.
[quote name=‘knoxbury’]I haven’t made any changes recently that would affect all pages.[/QUOTE]
Did you apply the changes from the thread Annoying SSL Refresh? If so maybe you mistyped something. Just trying to help you sort this out.
Edit: Ok, posted this as you were posting your last post. Let me try to test this on my CS Cart install and I’ll get back to you.
Edit 2: I can confirm that this happens for pages on my install also. This is definitely a bug, for some reason the function that checks if a page is SSL or not for the url is not working on CS Cart created “pages”. This should be reported as a bug. Note, I am running 2.0.12 still. I did not test this on 2.0.14.
[quote name=‘adodric’]Did you apply the changes from the thread Annoying SSL Refresh? If so maybe you mistyped something. Just trying to help you sort this out.
Edit: Ok, posted this as you were posting your last post. Let me try to test this on my CS Cart install and I’ll get back to you.
Edit 2: I can confirm that this happens for pages on my install also. This is definitely a bug, for some reason the function that checks if a page is SSL or not for the url is not working on CS Cart created “pages”. This should be reported as a bug. Note, I am running 2.0.12 still. I did not test this on 2.0.14.[/QUOTE]
I reported it in bug tracker. Thanks for your help and confirming you have the same problem. I’m also using 2.0.12
I posted a confirmation reply on your bug tracker post. Perhaps Jobo can test this on 2.0.14 when he’s around.
Ok, I found the reason for this. This is not a bug so much as the cart was designed to do this for “Pages”. Here is how to fix it:
- Open the file “/core/fn.control.php”
- Go to line “220”. It should contain code like this:
function fn_get_secure_controllers()
{
$secure_controllers = array(
'payment_notification' => 'passive',
'pages' => 'passive',
'image' => 'passive',
);
3. Remove the “‘pages’ => ‘passive’,” part of that code so it is now just:
function fn_get_secure_controllers()
{
$secure_controllers = array(
'payment_notification' => 'passive',
'image' => 'passive',
);
4. Save the file and it should now always go to http for “Pages” type pages.
Thanks for the code modification, but it would be nice to know from CS-Cart as to why it’s like this so I don’t mess up another functionality.
Unless there is some way to display the “Pages” data on another page, then there is no reason for it to be the way it is and this fix should not affect any functionality of the cart.
What about a block on a SSL page that references Pages? Would that be a problem?
[quote name=‘knoxbury’]What about a block on a SSL page that references Pages? Would that be a problem?[/QUOTE]
If it pulls the data from the “Page” and relates that data as http then yes, if it is pulled in that manner. If they do, then that isn’t a good way to go about it anyway and more changes should be implemented.
I’ve never made a block that referenced a “Page” but if that is possible, I’ll test it in a bit.
I can’t find a way to make a block that pulls data from a “Page” (granted I just took a quick look at it), if this is possible then I am overlooking it. Sure you can list links to the pages in a block, but other than that is there a way to actually list the Page data in a block? If not, then the code modification shouldn’t affect any other functionality of the cart.
[quote name=‘adodric’]I can’t find a way to make a block that pulls data from a “Page” (granted I just took a quick look at it), if this is possible then I am overlooking it. Sure you can list links to the pages in a block, but other than that is there a way to actually list the Page data in a block? If not, then the code modification shouldn’t affect any other functionality of the cart.[/QUOTE]
Yes, you can make a block that references a page. (see attached screenshot)
EDIT: Yes, I’m referring to a link, not page data.
Right, but that just lists links to pages based on your settings for how they are generated. The changes above won’t hurt this, instead it will make it so when clicked they open as http and not https, which was the original goal.