Currently the Secure Pages module is not operational without some significant patching to Drupal Core. This module is critical for robust running of ecommerce sites while keeping things easy to maintain.
1. Having everything https is not a good solution for everyone, and its just not what the major ecommerce sites do anyway.
2. Redirecting with .htaccess does not maintain sessions.
3. Having a non-https home page is critical for some SEO efforts.
It currently needs help getting two patches to Drupal Core before it can be used.
http://drupal.org/node/471970#comment-4196144
http://drupal.org/node/961508#comment-5114188
It would be great if we could get some help to get these pushed through, and then backported to Drupal 7.
Any sort of core update right now is a pain.
I'm willing to help wherever I can, but I'm not too experienced with the process or what is required.
But I do think this should be one of the priorities for anyone using/developing Drupal Commerce.
Thanks!
Comments
Comment #1
esbon CreditAttribution: esbon commentedSubscribing
Comment #2
rszrama CreditAttribution: rszrama commentedfwiw, cvangysel has been researching this for the better part of this week and will be sharing the results in the near future.
Comment #3
venkat-rk CreditAttribution: venkat-rk commentedWe are stuck with this issue for a Maldivian travel site that we have rebuilt in Drupal 7 with Drupal Commerce and are waiting to launch. Securing the entire site is not an option for the client at the moment, so we will eagerly await cvangysel's research results.
Comment #4
ahimsauziSubscribing
Comment #5
lsolesen CreditAttribution: lsolesen commented@jazzdrive3 Any updates to this issue?
Comment #6
bojanz CreditAttribution: bojanz at Centarro commented