Https and {$ImagesDir} help needed
 

I'm having problems with the 'Do you want to display insecure elements yes/no' alert when switching to https. I have gone through the checkout page about 20 times looking for the http call, and I think I could use a fresh eye.

Anyone see anything insecure? or anything else that would cause this?

All Images should be called via {$ImagesDir}, and everything I see has the ../skin1/images/ inserted.


http://www.scrubsandscraps.com/xcart/

Thanks

set up a test account and ill take al look

Anyone find anything? :wink:

I'm starting to think this is server related, since I can't see anything pulling from http, only from ../. But I've been known to not see something until it bites me sometimes.

Thanks
David

in config.php see if your https setting has www in it

if so just get rid of the www and try that

$xcart_http_host ="scrubsandscraps.com";
$xcart_https_host ="lx2.mindstate.com/scrubsandscraps.com";
$xcart_web_dir ="/xcart";

I took the www. out of the http just in case, but no change.

Is there an easy way to make the {$ImagesDir} tag be replaced by the full http or https call instead of relative calls to the images?

lx2.mindstate.com/scrubsandscraps.com/ instead of ../images/art/

the whole point of the {$ImagesDir} tag is that it doesnt have hard coded http or https.

Figured it out... :oops:

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://active.macromedia.com/flash2/cabs/swflash.cab#version=4,0,0,0"
ID=topflash WIDTH=233 HEIGHT=82>

When including Flash and Director pieces the .cab call causes the security error. Macromedia has an https protocol in place so just change the above code to:

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://active.macromedia.com/flash2/cabs/swflash.cab#version=4,0,0,0"
ID=topflash WIDTH=233 HEIGHT=82>