Roaddoctor Posted October 17, 2014 Share Posted October 17, 2014 On both my 2.2rc2a and 2.4 shops (same server) SSL on Chrome is broken. Appears to be mixed content issue but it does not make sense. IE and FF are good, no problems. Any insight appreciated My two shops are here and here I’m trying to learn Fiddler, but haven’t a clue how to use properly yet. If there is mixed content, which I do not believe there is, why only Chrome? and if there is mixed content, I need help resolving. -dazed and confused Thank you Dave -Dave Link to comment Share on other sites More sharing options...
Mort-lemur Posted October 17, 2014 Share Posted October 17, 2014 @@Roaddoctor put the URL that causes problems in this: https://www.whynopadlock.com/ its a good tool for sniffing out non-secure links on pages Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
Mort-lemur Posted October 17, 2014 Share Posted October 17, 2014 @@Roaddoctor on one of the above links on the create account page you have a call that is not valid according to the above tool: smarticon.geotrust.com is an invalid URL/domain Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
Roaddoctor Posted October 17, 2014 Author Share Posted October 17, 2014 @@Mort-lemur Heather - yes I went there yesterday and saw the same, but it has to be a false report somehow.... it's the common https geotrust badge... and the same code is on the other site but does not flag. yesterday I tested by removing that code, but the error persisted. So no sure what to think about that. Using Chrome, If you go to, for example, the login.php page, CTRL-SHIFT-J, I see the insecure errors. There are 4 on one of the sites and 2 on the other that I guess are the problem. I received trusted advice elsewhere to replace the offending http links in the forms with the tep_href_link() function. For each link in question changing it to this: tep_href_link(FILENAME_WHATEVER, '', $request_type) Thanks for any other thoughts, advice, or insights. Rant: stupid chrome :) -Dave Link to comment Share on other sites More sharing options...
Roaddoctor Posted October 18, 2014 Author Share Posted October 18, 2014 If it will help anyone else, in short, if you get the mixed content issue, using Chrome, press CTRL-SHIFT-J, reload the page and the problem code will be highlighted. Pretty much involves just changing 'NONSSL' to $request_type I had one error that required a bit more - here is a new version of bm_manufacturers.php. Full credit to mattjt83 for the help - your awesome thank you. <?php /* $Id$ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2013 osCommerce Released under the GNU General Public License */ class bm_manufacturers { var $code = 'bm_manufacturers'; var $group = 'boxes'; var $title; var $description; var $sort_order; var $enabled = false; var $pages; function bm_manufacturers() { $this->title = MODULE_BOXES_MANUFACTURERS_TITLE; $this->description = MODULE_BOXES_MANUFACTURERS_DESCRIPTION; if ( defined('MODULE_BOXES_MANUFACTURERS_STATUS') ) { $this->sort_order = MODULE_BOXES_MANUFACTURERS_SORT_ORDER; $this->enabled = (MODULE_BOXES_MANUFACTURERS_STATUS == 'True'); $this->pages = MODULE_BOXES_MANUFACTURERS_DISPLAY_PAGES; $this->group = ((MODULE_BOXES_MANUFACTURERS_CONTENT_PLACEMENT == 'Left Column') ? 'boxes_column_left' : 'boxes_column_right'); } } function getData() { global $HTTP_GET_VARS, $request_type, $oscTemplate; $data = ''; $manufacturers_query = tep_db_query("select manufacturers_id, manufacturers_name from " . TABLE_MANUFACTURERS . " order by manufacturers_name"); if ($number_of_rows = tep_db_num_rows($manufacturers_query)) { if ($number_of_rows <= MAX_DISPLAY_MANUFACTURERS_IN_A_LIST) { // Display a list $manufacturers_list = '<ul style="list-style: none; margin: 0; padding: 0;">'; while ($manufacturers = tep_db_fetch_array($manufacturers_query)) { $manufacturers_name = ((strlen($manufacturers['manufacturers_name']) > MAX_DISPLAY_MANUFACTURER_NAME_LEN) ? substr($manufacturers['manufacturers_name'], 0, MAX_DISPLAY_MANUFACTURER_NAME_LEN) . '..' : $manufacturers['manufacturers_name']); if (isset($HTTP_GET_VARS['manufacturers_id']) && ($HTTP_GET_VARS['manufacturers_id'] == $manufacturers['manufacturers_id'])) $manufacturers_name = '<strong>' . $manufacturers_name .'</strong>'; $manufacturers_list .= '<li><a href="' . tep_href_link(FILENAME_DEFAULT, 'manufacturers_id=' . $manufacturers['manufacturers_id'], $request_type) . '">' . $manufacturers_name . '</a></li>'; } $manufacturers_list .= '</ul>'; $content = $manufacturers_list; } else { // Display a drop-down $manufacturers_array = array(); if (MAX_MANUFACTURERS_LIST < 2) { $manufacturers_array[] = array('id' => '', 'text' => PULL_DOWN_DEFAULT); } while ($manufacturers = tep_db_fetch_array($manufacturers_query)) { $manufacturers_name = ((strlen($manufacturers['manufacturers_name']) > MAX_DISPLAY_MANUFACTURER_NAME_LEN) ? substr($manufacturers['manufacturers_name'], 0, MAX_DISPLAY_MANUFACTURER_NAME_LEN) . '..' : $manufacturers['manufacturers_name']); $manufacturers_array[] = array('id' => $manufacturers['manufacturers_id'], 'text' => $manufacturers_name); } $content = tep_draw_form('manufacturers', tep_href_link(FILENAME_DEFAULT, '', $request_type, false), 'get') . tep_draw_pull_down_menu('manufacturers_id', $manufacturers_array, (isset($HTTP_GET_VARS['manufacturers_id']) ? $HTTP_GET_VARS['manufacturers_id'] : ''), 'onchange="this.form.submit();" size="' . MAX_MANUFACTURERS_LIST . '" style="width: 100%"') . tep_hide_session_id() . '</form>'; } $data = '<div class="ui-widget infoBoxContainer">' . ' <div class="ui-widget-header ui-corner-top infoBoxHeading">' . MODULE_BOXES_MANUFACTURERS_BOX_TITLE . '</div>' . ' <div class="ui-widget-content ui-corner-bottom infoBoxContents">' . $content . '</div>' . '</div>'; } return $data; } function execute() { global $SID, $oscTemplate; //if ((USE_CACHE == 'true') && empty($SID)) { if ((USE_CACHE == 'true') && empty($SID) && ($request_type == 'NONSSL')) { //changed because cache will show nonssl links on ssl pages $output = tep_cache_manufacturers_box(); } else { $output = $this->getData(); } $oscTemplate->addBlock($output, $this->group); } function isEnabled() { return $this->enabled; } function check() { return defined('MODULE_BOXES_MANUFACTURERS_STATUS'); } function install() { tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Manufacturers Module', 'MODULE_BOXES_MANUFACTURERS_STATUS', 'True', 'Do you want to add the module to your shop?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_BOXES_MANUFACTURERS_CONTENT_PLACEMENT', 'Left Column', 'Should the module be loaded in the left or right column?', '6', '1', 'tep_cfg_select_option(array(\'Left Column\', \'Right Column\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_BOXES_MANUFACTURERS_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Display in pages.', 'MODULE_BOXES_MANUFACTURERS_DISPLAY_PAGES', 'all', 'select pages where this box should be displayed. ', '6', '0','tep_cfg_select_pages(' , now())"); } function remove() { tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')"); } function keys() { return array('MODULE_BOXES_MANUFACTURERS_STATUS', 'MODULE_BOXES_MANUFACTURERS_CONTENT_PLACEMENT', 'MODULE_BOXES_MANUFACTURERS_SORT_ORDER', 'MODULE_BOXES_MANUFACTURERS_DISPLAY_PAGES'); } } ?> -Dave Link to comment Share on other sites More sharing options...
Roaddoctor Posted October 19, 2014 Author Share Posted October 19, 2014 Been reading up on this - basically browsers are getting stricter as time goes on. I did not have this problem with Chrome v37 or prior. Chrome Version 38.0.2125.104 m is when I first noticed this issue. So update your Chrome and test. -Dave Link to comment Share on other sites More sharing options...
jcannaveno Posted November 6, 2014 Share Posted November 6, 2014 Had a very similar issue. Went through my site and got the error fixed in Chrome by changing 'NONSSL' to 'SSL'. However in Firefox browser i still have a grey triangle. Any ideas? Link to comment Share on other sites More sharing options...
Roaddoctor Posted November 6, 2014 Author Share Posted November 6, 2014 you'd likely be better off changing to $request_type where appropriate -Dave Link to comment Share on other sites More sharing options...
jcannaveno Posted November 6, 2014 Share Posted November 6, 2014 when i changed NONSSL to $request_type it broke some parts of the site..particularly search and advanced search Link to comment Share on other sites More sharing options...
Roaddoctor Posted November 30, 2014 Author Share Posted November 30, 2014 looks like Chrome is up to no good again. Using version 39 - I'm getting the mixed content warning again, but this time I cannot locate any mixed content.... very frustrating. -Dave Link to comment Share on other sites More sharing options...
Roaddoctor Posted November 30, 2014 Author Share Posted November 30, 2014 https://code.google.com/p/chromium/issues/detail?id=401365 Since my cert is sha-1 AND expires after 1/1/2017 I get the warning triangle.... seriously? Hey Google - how about a little more time before you go nuclear on sha-1. So really now the only fix is to go update to SHA256 certificates. Easy enough, but a pia at the busy holiday shopping season. -Dave Link to comment Share on other sites More sharing options...
jcannaveno Posted April 20, 2015 Share Posted April 20, 2015 Having the yellow triangle problem again..when i scan the site on whynopadlock.com it tells me that there is a insecure <form> call on line 303 of index.html..which looks to be my search bar...any ideas? Link to comment Share on other sites More sharing options...
Roaddoctor Posted April 20, 2015 Author Share Posted April 20, 2015 If it will help anyone else, in short, if you get the mixed content issue, using Chrome, press CTRL-SHIFT-J, reload the page and the problem code will be highlighted. Pretty much involves just changing 'NONSSL' to $request_type if that's not it post the problem code here -Dave Link to comment Share on other sites More sharing options...
jcannaveno Posted April 20, 2015 Share Posted April 20, 2015 when i change 'NONSSL' to $request_type it breaks the whole site. here is my bm_search.php as it looks right now: <?php /* $Id$ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2010 osCommerce Released under the GNU General Public License */ class bm_search { var $code = 'bm_search'; var $group = 'boxes'; var $title; var $description; var $sort_order; var $enabled = false; function bm_search() { $this->title = MODULE_BOXES_SEARCH_TITLE; $this->description = MODULE_BOXES_SEARCH_DESCRIPTION; if ( defined('MODULE_BOXES_SEARCH_STATUS') ) { $this->sort_order = MODULE_BOXES_SEARCH_SORT_ORDER; $this->enabled = (MODULE_BOXES_SEARCH_STATUS == 'True'); $this->group = ((MODULE_BOXES_SEARCH_CONTENT_PLACEMENT == 'Left Column') ? 'boxes_column_left' : 'boxes_column_right'); } } function execute() { global $oscTemplate; $data = '<div class="ui-widget infoBoxContainer">' . ' <div class="ui-widget-header infoBoxHeading">' . MODULE_BOXES_SEARCH_BOX_TITLE . '</div>' . ' <div class="ui-widget-content infoBoxContents" style="text-align: center;">' . ' ' . tep_draw_form('quick_find', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'SSL', false), 'get') . ' ' . tep_draw_input_field('keywords', '', 'size="10" maxlength="30" style="width: 75%"') . ' ' . tep_draw_hidden_field('search_in_description', '1') . tep_hide_session_id() . tep_image_submit('button_quick_find.gif', MODULE_BOXES_SEARCH_BOX_TITLE) . '<br />' . MODULE_BOXES_SEARCH_BOX_TEXT . '<br /><a href="' . tep_href_link(FILENAME_ADVANCED_SEARCH) . '"><strong>' . MODULE_BOXES_SEARCH_BOX_ADVANCED_SEARCH . '</strong></a>' . ' </form>' . ' </div>' . '</div>'; $oscTemplate->addBlock($data, $this->group); } function isEnabled() { return $this->enabled; } function check() { return defined('MODULE_BOXES_SEARCH_STATUS'); } function install() { tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Search Module', 'MODULE_BOXES_SEARCH_STATUS', 'True', 'Do you want to add the module to your shop?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_BOXES_SEARCH_CONTENT_PLACEMENT', 'Left Column', 'Should the module be loaded in the left or right column?', '6', '1', 'tep_cfg_select_option(array(\'Left Column\', \'Right Column\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_BOXES_SEARCH_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())"); } function remove() { tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')"); } function keys() { return array('MODULE_BOXES_SEARCH_STATUS', 'MODULE_BOXES_SEARCH_CONTENT_PLACEMENT', 'MODULE_BOXES_SEARCH_SORT_ORDER'); } } ?> Link to comment Share on other sites More sharing options...
jcannaveno Posted April 20, 2015 Share Posted April 20, 2015 I changed 'NONSSL' to 'SSL' and that seemed to fix it last time i had this issue but now it is broken again My website is https://www.newarkmusical.com Link to comment Share on other sites More sharing options...
burt Posted April 20, 2015 Share Posted April 20, 2015 global scope the $request_type prior to using it function execute() {global $oscTemplate, $request_type; Link to comment Share on other sites More sharing options...
Bob Terveuren Posted April 20, 2015 Share Posted April 20, 2015 Hi My Chrome is saying Mixed Content: The page at 'https://www.newarkmusical.com/'was loaded over HTTPS, but requested an insecure favicon 'http://templates.doteasy.com/ErrorPages/error404/'. This content should also be served over HTTPS. I reckon that you have a link in your <head> tag to a favicon that is missing - your hosting company (DotEasy) is then redirecting to a generic 404 page as per their T&C - that's over HTTP so you get the warning. You'll need to find the link to the favicon.ico in your code and get it linking to a file that exists or else remove the link altogether Link to comment Share on other sites More sharing options...
jcannaveno Posted April 20, 2015 Share Posted April 20, 2015 @Bob Terveuren in what file would i find that link? header.php? Link to comment Share on other sites More sharing options...
Bob Terveuren Posted April 20, 2015 Share Posted April 20, 2015 Hi Good question - in 2.3.4 it is a config entry includes\modules\header_tags\ht_opensearch.php If you have an earlier version then someplace else but I only have a 2.3.4 here atm Link to comment Share on other sites More sharing options...
jcannaveno Posted April 20, 2015 Share Posted April 20, 2015 ok i will try that..i'm running 2.3.3 right now so hopefully it's the same Link to comment Share on other sites More sharing options...
jcannaveno Posted April 20, 2015 Share Posted April 20, 2015 ok this is my ht_opensearch.php file. Not really sure what i need to change <?php /* $Id$ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2010 osCommerce Released under the GNU General Public License */ class ht_opensearch { var $code = 'ht_opensearch'; var $group = 'header_tags'; var $title; var $description; var $sort_order; var $enabled = false; function ht_opensearch() { $this->title = MODULE_HEADER_TAGS_OPENSEARCH_TITLE; $this->description = MODULE_HEADER_TAGS_OPENSEARCH_DESCRIPTION; if ( defined('MODULE_HEADER_TAGS_OPENSEARCH_STATUS') ) { $this->sort_order = MODULE_HEADER_TAGS_OPENSEARCH_SORT_ORDER; $this->enabled = (MODULE_HEADER_TAGS_OPENSEARCH_STATUS == 'True'); } } function execute() { global $oscTemplate; $oscTemplate->addBlock('<link rel="search" type="application/opensearchdescription+xml" href="' . tep_href_link('opensearch.php', '', 'NONSSL', false) . '" title="' . tep_output_string(STORE_NAME) . '" />', $this->group); } function isEnabled() { return $this->enabled; } function check() { return defined('MODULE_HEADER_TAGS_OPENSEARCH_STATUS'); } function install() { tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable OpenSearch Module', 'MODULE_HEADER_TAGS_OPENSEARCH_STATUS', 'True', 'Add shop search functionality to the browser?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Short Name', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_SHORT_NAME', '" . tep_db_input(STORE_NAME) . "', 'Short name to describe the search engine.', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Description', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_DESCRIPTION', 'Search " . tep_db_input(STORE_NAME) . "', 'Description of the search engine.', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Contact', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_CONTACT', '" . tep_db_input(STORE_OWNER_EMAIL_ADDRESS) . "', 'E-Mail address of the search engine maintainer. (optional)', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Tags', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_TAGS', '', 'Keywords to identify and categorize the search content, separated by an empty space. (optional)', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Attribution', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_ATTRIBUTION', 'Copyright (c) " . tep_db_input(STORE_NAME) . "', 'Attribution for the search content. (optional)', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Adult Content', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_ADULT_CONTENT', 'False', 'Search content contains material suitable only for adults.', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('16x16 Icon', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_ICON', '" . HTTP_CATALOG_SERVER . DIR_WS_CATALOG . "favicon.ico', 'A 16x16 sized icon (must be in .ico format, eg http://server/favicon.ico). (optional)', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('64x64 Image', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_IMAGE', '', 'A 64x64 sized image (must be in .png format, eg http://server/images/logo.png). (optional)', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_HEADER_TAGS_OPENSEARCH_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())"); } function remove() { tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')"); } function keys() { return array('MODULE_HEADER_TAGS_OPENSEARCH_STATUS', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_SHORT_NAME', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_DESCRIPTION', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_CONTACT', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_TAGS', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_ATTRIBUTION', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_ADULT_CONTENT', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_ICON', 'MODULE_HEADER_TAGS_OPENSEARCH_SITE_IMAGE', 'MODULE_HEADER_TAGS_OPENSEARCH_SORT_ORDER'); } } ?> Link to comment Share on other sites More sharing options...
jcannaveno Posted April 21, 2015 Share Posted April 21, 2015 I have looked everywhere I can possibly think of. I still get this error message when I press Ctrl+Shift+J: Mixed Content: The page at 'https://www.newarkmusical.com/'was loaded over HTTPS, but requested an insecure favicon 'http://templates.doteasy.com/ErrorPages/error404/'. This content should also be served over HTTPS. I can't find any links to any missing favicons or any insecurity anywhere else on my site. This is proving to be very frustrating since i haven't changed anything on my site and this just started happening. In Firefox it shows that all of the SSL checks out fine, which makes me think that Google changed something to cause this issue in Chrome. Any help would really be appreciated. I don't really know where to go from this point. Link to comment Share on other sites More sharing options...
jcannaveno Posted April 21, 2015 Share Posted April 21, 2015 I fixed my issue. I had to make a favicon for my site. Thanks Google for shoving that down my throat. Link to comment Share on other sites More sharing options...
ozEworks Posted April 22, 2015 Share Posted April 22, 2015 I've found the main culprit to be the Search box code. You need to change it to secure. Link to comment Share on other sites More sharing options...
Supertex Posted June 18, 2015 Share Posted June 18, 2015 Perhaps this might help someone... I recently had an issue of this nature, but it popped up right after I enabled hotlink protection. Anything I searched would return the mixed content issues...missing images...no lock in the address bar, etc. I removed the hotlink protection from the .htaccess, and the problems went away. So I put the hotlink entries back, and added 'https' entries. That fixed the problem entirely. Original entries: RewriteCond %{HTTP_REFERER} !^http://mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mysite.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mysite.com$ [NC] RewriteRule .*\.(jpg|jpeg|gif|png|bmp|pdf)$ http://mysite.com [R,NC] Modified entry: RewriteCond %{HTTP_REFERER} !^http://mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mysite.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mysite.com$ [NC] RewriteCond %{HTTP_REFERER} !^https://mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^https://mysite.com$ [NC] RewriteCond %{HTTP_REFERER} !^https://www.mysite.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^https://www.mysite.com$ [NC] RewriteRule .*\.(jpg|jpeg|gif|png|bmp|pdf)$ http://mysite.com [R,NC] osC v2.3.1 MySQL v8.0.32 PHP v5.6.40 Installed addons: . Attribute Sets Plus .. Create Account & Manual Order Maker .. Customer Testimonials 2.3.4 .. Customer Blacklist .. Dynamic Info Pages .. FedEx Web Svcs v9 .. Filtered Sales Report .. Generic Box .. Google XML Sitemap SEO .. Maximum Order Value .. Modular Front Page .. Monthly Sales & Tax Report .. Multiple Products Manager .. Must Accept Terms & Conditions .. Order Editior .. PDF Customer Invoice .. Price in Cart Only .. Product Sort/Order .. Product Sort in Cart .. Quantity Discounts .. Restrict Delivery Methods .. SEO Header Tags - Reloaded .. Separate Pricing Per Customer .. Simpler Admin Session Length Control .. Sitemap SEO .. Show Free Ship + Modules .. Specials by Category for SPPC .. Store Mode (open|closed|maintenance) .. Store Pickup Shipping .. Theme Switcher .. Ultimate SEO URLs 5 Pro .. UPS XML Rates & Svcs 1.4 .. USPS methods 7.3.1 .. Who's Online Dashboard . Fixes: Add to cart -> 'product not found' : FIX Login issues with IE 11 : FIX Tools: Incredibly Handy: osC Xref Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.