Home » Forums » Ubercart » Support
8 replies [Last post]
Fri, 02/22/2008 - 11:52
fsiddiqi
fsiddiqi's picture
Offline
Joined: 01/02/2008
Juice: 22

Hi

I noticed this problem when I enabled SSL on my checkout page (Ubercart Beta 5).

I'm using the securepages module and have configured it to use SSL on pages:
cart/checkout/*

My checkout page is now:
https://www.sitename.com/cart/checkout

However, when I go to checkout, the payment form (for credit cards/auth.net) is loaded using an ajax call to:
http://www.sitename.com/?q=cart/checkout/payment_details/credit

I have Clean URLs correctly configured, so I don't know why it's using the ?q= and why it's using http:// instead of https://. This disparity is causing the ajax call to fail due to browser security settings in IE and FF.

Sounds like it's not a securepages issue...

Any ideas?

Thanks

Faisal

Top
Fri, 02/22/2008 - 12:23
#1 View page
Ryan
Ryan's picture
Offline
Joined: 08/07/2007
Juice: 15422
Re: Failing Ajax call on checkout with SSL

Ahh, interesting. The trouble is the URL is getting constructed in the JS, which SecurePages doesn't govern. This is something to think about for a core fix, but in the meantime you should be able to edit line 52 of uc_payment_checkout_pane.inc. You can do it using hook_form_alter() in a custom module if need be.

Top
Fri, 02/22/2008 - 12:49
#2 View page
schaub123
schaub123's picture
Offline
Bug FinderGetting busy with the Ubercode.PayPal Hero
Joined: 10/08/2007
Juice: 457
Re: Failing Ajax call on checkout with SSL

Have you tried adding

cart/checkout/payment_details/credit

to your secure pages config? The wildcard might not be working so well. There is a similar problem with constructing paypal urls for ipn and secure pages. Don't know if this helps but might be worth a try. Or try the ?q= form of the url. Curious how you make out with this. Ubercart should be using the drupal link api to build these links so secure pages can get it right.

Christopher Schaub

Top
Fri, 02/22/2008 - 12:56
#3 View page
torgosPizza
torgosPizza's picture
Offline
Bug FinderEarly adopter... addicted to alphas.Getting busy with the Ubercode.
Joined: 08/14/2007
Juice: 4110
Re: Re: Failing Ajax call on checkout with SSL

I encountered similar issues when making my site secure, and so here's the way I secured the checkout side of the site. This is from my Secure Pages config (make ONLY these pages secure is the option I have selected):

cart/checkout
cart/checkout/review
cart/checkout/payment_details/*
cart/checkout/complete

(for paypal):
uc_paypal/ipn/*
uc_paypal/wps/*
uc_paypal/wps/complete/*
cgi-bin/webscr

With this configuration I haven't had any issues. Hope this helps.

--
Help directly fund development: Donate via PayPal!

Top
Fri, 02/22/2008 - 14:07
#4 View page
fsiddiqi
fsiddiqi's picture
Offline
Joined: 01/02/2008
Juice: 22
Re: Re: Re: Failing Ajax call on checkout with SSL

Man - you guys are *awesome* - thanks for the quick response.

FYI - both options (updating the checkout form and securepages approach) work.

I ended up modifying the securepages settings and undoing any code changes.

Top
Tue, 04/28/2009 - 03:29
#5 View page
AntoineSolutions
AntoineSolutions's picture
Offline
Bug Finder
Joined: 05/02/2008
Juice: 166
Re: Re: Re: Re: Failing Ajax call on checkout with SSL

I am seeing this issue after upgrading from Ubercart 5.x-1.7 to 6.x-2.0-rc1. I have tried expanding my list of secured pages to those suggested by torgosPizza, but that didn't help. I have posted more information at http://www.ubercart.org/forum/support/9821/security_error_ssl_checkout_page. Please help. Thanks

Cheers,

Jon Antoine
Antoine Solutions
Free Open Source PHP IDE

Top
Wed, 04/29/2009 - 07:42
#6 View page
schaub123
schaub123's picture
Offline
Bug FinderGetting busy with the Ubercode.PayPal Hero
Joined: 10/08/2007
Juice: 457
Re: Re: Re: Re: Re: Failing Ajax call on checkout with SSL

One thing to try is to make sure your site can only be accessed by either domain.com or www.domain.com. Edit the .htaccess file in the Drupal root to enable either style. Hope it helps.

Christopher Schaub

Top
Tue, 07/28/2009 - 12:52
#7 View page
phlows
phlows's picture
Offline
Joined: 07/27/2009
Juice: 11
Re: Re: Re: Re: Re: Re: Failing Ajax call on checkout with SSL

lutegrass that will have bad effects in terms of SEO. the search engines do not see the www version and non www version of your page as the same page. this leads to loss of pagerank. its important to do a 301 redirect from one to the other for search engine optimization.

if the above steps do not work for you in gdealing with the ajax issue then please try the solution post on this thread:
http://www.ubercart.org/forum/support/9821/security_error_ssl_checkout_page

it worked very well for me Smiling

Top
Tue, 03/02/2010 - 04:45
#8 View page
doublejosh
doublejosh's picture
Offline
Joined: 09/26/2009
Juice: 55
Found a solution

I had all of the above pages excluded from Secure Pages and everything was working fine, until I ran into the same problem.

The was my base_url in the settings.php file.

When I changed that to my full base $base_url = 'http://www.mydomain.com'; my credit card progress bar went screwy.

I'm admittedly on Ubercart v6.x-2.0-beta5, but I'll fix that shortly (I love you drush) and see if I can still use the baseurl (a basic core feature) and Ubercart with Secure Pages.

Anyone else had this conflict?

http://twitter.com/doublejosh
http://tackysmack.com

Top