I have a site where the login and other pages are secured via the secure pages module. It works.

The pages are secured, but when I go into the login page with the user login block, I get the nonsecure elements message from the some browsers, namely IE7 and Chrome.

How do I get the action attribute in the login form to read "https://mysite.com/login?destination....." or to use https?

The form html looks like this right now.

Thanks in advance.

Comments

nevets88’s picture

Nevermind, solved the problem - chasing in the wrong place. The url(...) lines in the css files contained "http" and there were https links in the page itself.

Another question though - in The Onion store, the checkout https page contain http links, but I don't get the nonsecure message from the browser. My guess is that there are no mixed http/https links - all urls are http. So I guess the post using https is located in javascript somewhere.