I have configured secure pages to use ssl for cart*. The ssl works great, but ubercart uses absolute domain/path to product images which do not use https but http instead. Thus whenever the cart is loaded I get an annoying message from the browser that the page includes both secure and non-secure items.

How do I fix this? Why does Ubercart use absolute paths to the product images instead of relative? Is that a function of ICME?

Thanks for any help.

Comments

webservant316’s picture

webservant316 commented

A reply to the same issue at ubercart.org says the problem is my theme.
I use Newsflash, downloaded from Drupal.org. Could that really be the problem?
I thought it was more likely a configuration issue with ICME.
Any way how can I fix this problem?

Andy_Lowe’s picture

Andy_Lowe commented
Status: Active » Postponed (maintainer needs more info)

Normally product images aren't displayed on ssl enabled pages. Have you set /cart to be ssl enabled, or do you display product images on /cart/checkout?
A google search produced a few good forum discussioins:
http://www.google.com/search?q=ubercart+ssl+secure+and+insece+&ie=utf-8&...
http://www.ubercart.org/forum/support/5475/ssl_this_page_contains_both_s...
http://www.ubercart.org/forum/development/6370/page_contains_both_secure...
Perhaps this information will help you find the problem? Usually this sort of error is a result of the theme or a block displaying non ssl links / images on the ssl enabled pages. If these links don't help, please enable firebug, load the offending pages, and figure out exactly which elements are causing the error. Then post a link / screenshot of the offending pages here with a description of the elements that are causing the warning.

webservant316’s picture

webservant316 commented

Thank you very much. The links above were very helpful.

FIRST I changed my secure pages from 'cart*' to 'cart/checkout*'. Like you say above the checkout pages do not have product images so I do not get the error and the checkout pages are the only pages with credit card info anyway. This is my new list of secure pages. The list below was gleaned from other forum pages. Thanks for any comment on my choices...

https only for these pages:
node/add*
node/*/edit
user*
admin*
cart/checkout*

ignore these pages:
*/autocomplete/*
*/ajax/*
files/*
misc/*

SECOND, I also had to edit my Newsflash template according to the directions in this link http://drupal.org/node/458870 and then everything worked.

Thanks again!

Jeff

chazz’s picture

chazz commented

subscribing

tr’s picture

tr commented
Category: bug » support
Status: Postponed (maintainer needs more info) » Fixed

#3 indicates this issue was fixed.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.