Home » Forums » Ubercart » Support

Failing Ajax call on checkout with SSL

Submitted by fsiddiqi on Fri, 02/22/2008 - 11:52
fsiddiqi
Posts: 10
 Joined: 01/02/2008

Hi

I noticed this problem when I enabled SSL on my checkout page (Ubercart Beta 5).

I'm using the securepages module and have configured it to use SSL on pages:
cart/checkout/*

My checkout page is now:
https://www.sitename.com/cart/checkout

However, when I go to checkout, the payment form (for credit cards/auth.net) is loaded using an ajax call to:
http://www.sitename.com/?q=cart/checkout/payment_details/credit

I have Clean URLs correctly configured, so I don't know why it's using the ?q= and why it's using http:// instead of https://. This disparity is causing the ajax call to fail due to browser security settings in IE and FF.

Sounds like it's not a securepages issue...

Any ideas?

Thanks

Faisal
permalink #1 Fri, 02/22/2008 - 12:23
Ryan

Posts: 5245
 Joined: 08/07/2007
AdministratorHead Code Monkey - I eat bugs.

Ahh, interesting. The trouble is the URL is getting constructed in the JS, which SecurePages doesn't govern. This is something to think about for a core fix, but in the meantime you should be able to edit line 52 of uc_payment_checkout_pane.inc. You can do it using hook_form_alter() in a custom module if need be.

permalink #2 Fri, 02/22/2008 - 12:49
lutegrass

Posts: 167
 Joined: 10/08/2007
Bug FinderGetting busy with the Ubercode.PayPal Hero

Have you tried adding

cart/checkout/payment_details/credit

to your secure pages config? The wildcard might not be working so well. There is a similar problem with constructing paypal urls for ipn and secure pages. Don't know if this helps but might be worth a try. Or try the ?q= form of the url. Curious how you make out with this. Ubercart should be using the drupal link api to build these links so secure pages can get it right.

--

Christopher Schaub
LuteGrass, LLC
http://www.lutegrass.com

permalink #3 Fri, 02/22/2008 - 12:56
torgosPizza

Posts: 1290
 Joined: 08/14/2007
Bug FinderEarly adopter... addicted to alphas.Getting busy with the Ubercode.

I encountered similar issues when making my site secure, and so here's the way I secured the checkout side of the site. This is from my Secure Pages config (make ONLY these pages secure is the option I have selected):

cart/checkout
cart/checkout/review
cart/checkout/payment_details/*
cart/checkout/complete

(for paypal):
uc_paypal/ipn/*
uc_paypal/wps/*
uc_paypal/wps/complete/*
cgi-bin/webscr

With this configuration I haven't had any issues. Hope this helps.

--

"Pain don't hurt." - Dalton

Mike Nelson's RiffTrax! www.rifftrax.com

permalink #4 Fri, 02/22/2008 - 14:07
fsiddiqi
Posts: 10
 Joined: 01/02/2008

Man - you guys are *awesome* - thanks for the quick response.

FYI - both options (updating the checkout form and securepages approach) work.

I ended up modifying the securepages settings and undoing any code changes.