Internet Explorer 'only secure content is displayed' and social bookmarkssocial bookmarks
Posted 27 March 2012 - 16:37
The store I've been working on was generating the bar across the bottom of Internet Explorer that says 'Only Secure Content is Displayed'
The entire store is protected by the hosts server side SSL as well as a geoTrust cert. as per the clients wishes to have the URL bar padlock displayed regardless of whether the visitor is in a secure section of the store or not.
After some digging I realized that what was causing the message was the Social Bookmarks module, specifically the LIKE facebook and Twitter TWEET buttons and the regular links to those two sites.
To solve this problem open:
catalog/includes/modules/social_bookmarks/sb_facebook_like.php and the relevant files for facebook, twitter and the twitter button, scroll down to the URL's for facebook and twitter <iframe source="http:// ... " > and simply change http to https
this will prevent IE from annoying or confusing, and possibly scaring away your visitors with the security message pop up
Posted 13 May 2012 - 00:37
What kind of warnings/errors you get when putting http items on an https page depends on what the item is. If it's embedded content (images, css files, js files, etc.) you will likely get a strong complaint that there are insecure items on the page, or that all insecure items are being ignored. Links to insecure (http) pages may generate a warning that you are leaving a secure page or area. Links to foreign sites may generate a warning even if the site is secure (https). All this behavior is usually a matter of browser settings, so it is not something you can easily control from the server end.
Posted 17 September 2012 - 14:43
$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
in your application_top.php you can use everywhere in all pages that reference something not on your own page.
.(($request_type == 'SSL')?"https://":"http://").
for example the google scripts i always use
html5shiv looks like this
<!--[if lt IE 9]> <script src="<?php echo (($request_type == 'SSL') ? 'https' : 'http'); ?>://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]-->
jquery scripts look like this
this will automatically use http or https and eliminate all warnings.
Posted 04 January 2013 - 09:14