SEF URLs and Insecure content in SSL and state dropdown problem

Started by PattyHultquist, November 06, 2012, 20:36:12 PM

Previous topic - Next topic

PattyHultquist

Running Joomla 2.5.4 and VM 2.0.12.

The state dropdown will not populate during checkout if Joomla's SEF is turned on. When in Chrome, the secure pages error saying there is insecure content and the page will not load properly. The base href is being set to the unsecured URL so all dynamic paths are using the unsecured files. If I turn off SEF the base href code disappears and the page then functions correctly. Is there a different SEF extension that would work better?

I've tried installing the extension Yireo SSL Redirection but cannot determine what to modify, if that's even the right solution.

I'm using the beez 20 template. Is there some incompatibility with this template?

PRO


PattyHultquist

http://www.thescrewspeshitpillts.com - the main site. The page where the state dropdown won't work in Firefox is https://www.thescrewspeshitpillts.com/index.php/my-account/editaddresscartBT.html and Chrome and IE won't even load the page correctly at all.

bytelord

Hello,

This is a problem of your template and not VM. Is a javascript conflict i suppose and caused by md_stylechanger.js.

You are loading jquery 1.8, try 1.7.x

Regards
Production: Joomla 2.5.8 | VM 2.0.14 | PHP 5.3.13
Testing     : Joomla 2.5.8 | VM 2.0.16 | PHP 5.3.8
Testing     : Joomla 2.5.8 |    VM 2.1   | PHP 5.3.8

- Don't Forget to mark thread as solved when it is solved!
- Please do not PM with support questions, use the forum!

PattyHultquist

I have disabled the code that loads md_stylechanger.js in my template as I don't need it. I've tried loading many different versions of jquery and it is not helping. I'm using a plugin, jquery easy, to try to work through conflicts but cannot determine the best course of action.

PRO

in

root/configuration.php

do you have "var live site" filled out?

if so, it should be different

PattyHultquist

I have tried everything with the $live_site variable in configuration.php from leaving it blank to https://www.thescrewspeshitpillts.com with and without the slash at the end and secure vs. non secure and it doesn't change anything.

bytelord

Hello,

The page is loading, the style is not loading i suppose and some other things because chrome found that your certificate is insecure ... i enable the site security is fine with chrome and i was able to load the page styling but not the js for countries that is not working properly.

Do you own a valid certificate? Why you have enable it under vm configuration?

Your error is: XMLHttpRequest cannot load http://www.thescrewspeshitpillts.com/index.php/my-account/index.php?option=com_virtuemart&view=state&format=json&virtuemart_country_id=223. Origin https://www.thescrewspeshitpillts.com is not allowed by Access-Control-Allow-Origin.

Do you understand why is not working now? Non valid certicate is blocked out by the browsers  ... that's your issue, place a valid SSL certificate, purchase one.

Regards
Production: Joomla 2.5.8 | VM 2.0.14 | PHP 5.3.13
Testing     : Joomla 2.5.8 | VM 2.0.16 | PHP 5.3.8
Testing     : Joomla 2.5.8 |    VM 2.1   | PHP 5.3.8

- Don't Forget to mark thread as solved when it is solved!
- Please do not PM with support questions, use the forum!

PattyHultquist

I definitely do have a secure certificate. It was purchased through Network solutions, it's hosted at Network solutions and the status is showing Issued and Installation Complete in the Network solutions account. It's for www.thescrewspeshitpillts.com.

bytelord

Yes, you have right.

Take a look on the screenshot (chrome)...



[attachment cleanup by admin]
Production: Joomla 2.5.8 | VM 2.0.14 | PHP 5.3.13
Testing     : Joomla 2.5.8 | VM 2.0.16 | PHP 5.3.8
Testing     : Joomla 2.5.8 |    VM 2.1   | PHP 5.3.8

- Don't Forget to mark thread as solved when it is solved!
- Please do not PM with support questions, use the forum!

bytelord

Also when i load the content i receive the following (see attached).

the json request is not called under SSL ... but under http://www.thescrewspeshitpillts.com/index.php/my-account/index.php?option=com_virtuemart&view=state&format=json&virtuemart_country_id=223

hmm ... ideas?

[attachment cleanup by admin]
Production: Joomla 2.5.8 | VM 2.0.14 | PHP 5.3.13
Testing     : Joomla 2.5.8 | VM 2.0.16 | PHP 5.3.8
Testing     : Joomla 2.5.8 |    VM 2.1   | PHP 5.3.8

- Don't Forget to mark thread as solved when it is solved!
- Please do not PM with support questions, use the forum!

PRO

also,

why do your products NOT have the suffix?

are you using a 3rd party SEF component??

AND; "United States" is auto selected?

the fields will never populate like that (not that thats your problem)




PattyHultquist

bytelord, I realize that the secure site is trying to load insecure files. This is precisely the problem I'm trying to figure out. When SEF is turned on, one of the first lines of code is base href=http:// - it is putting the base href as the non-secure site. When I turn off SEF it doesn't have that line of code for base href so everything then loads fine and the state dropdown even works fine. All issues go away. But, I need to use SEF.

Pro, I'm using the built in Joomla SEF. If there is another extension that will help all of these conflicts I'd be happy to try it, but I've seen all over these forums that people have problems with others as well.
Not sure what you mean by the products not having the suffix.
I have autopopulated the country in the database directly (as the default). I have verified that this is not causing any conflict issues related to the state dropdown.

bytelord

Hello,

Please test the following and let me know:

edit the file components\com_virtuemart\assets\js\vmsite.js

Change line 38 from:
$.getJSON('index.php?option=com_virtuemart&view=state&format=json&virtuemart_country_id=' + byAjax,

to this:
$.getJSON(window.vmSiteurl + 'index.php?option=com_virtuemart&view=state&format=json&virtuemart_country_id=' + byAjax,

Please let me know is that fix the issue.

Regards
Production: Joomla 2.5.8 | VM 2.0.14 | PHP 5.3.13
Testing     : Joomla 2.5.8 | VM 2.0.16 | PHP 5.3.8
Testing     : Joomla 2.5.8 |    VM 2.1   | PHP 5.3.8

- Don't Forget to mark thread as solved when it is solved!
- Please do not PM with support questions, use the forum!

PattyHultquist

bytelord, that didn't seem to change anything. Question: should the virtuemart site url be set to the non secure URL?

One that that is very interesting is if you take the security away and pull up http://www.thescrewspeshitpillts.com/index.php/my-account/editaddresscartBT, so it's a non-secure page but it's SEF, everything works just fine. No jquery conflicts, so it seems to all have to do with the security problems. I'm wondering if I can modify something on this particular page and other secure pages to ensure the js and css files coming in are pulled in using the secure URLs.