Setting "Switch back to http pages when there are no matches" and in combination with a custom url rewrite that adds an extra path element to certain node pages. The comment form is altered to have an absolute destination that is http, even when the node the comment is being submitted to is https. This gives an ugly: "this content will be transmiitted over an insecure connection" warning

This error will also happen if, for example, I manually put an https path in for (e.g.) a forum node and then submit a comment.

I think a more correct behavior is to let the form action be https if the current page is https.

CommentFileSizeAuthor
#1 https-action-314024-1.patch838 bytespwolanin

Comments

pwolanin’s picture

Status: Active » Needs review
StatusFileSize
new838 bytes

like this.

codevoice’s picture

This patch doesn't apply to 1.22.2.11, is there an updated version? .11 still has this problem by default.

grendzy’s picture

Status: Needs review » Closed (won't fix)

The 5.x branch is no longer supported. If this issue is still present in a current version of Secure Pages, please update the issue summary, change the version field, and re-open the issue.