I'm using a Chronoform on a secured (https) page. Everything looks right, but in most browsers I'm getting warning messages (usually in the status bar), like:
"This page contains both secure and nonsecure items"
"Warning: contains unauthenticated content"
"You have requested an encrypted page that contains some unencrypted information. Information that you see or enter on this page could easily be read by a third party."
And if I send the form, I get a dialog box that says
"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party."
Any suggestions?
Jim
"This page contains both secure and nonsecure items"
"Warning: contains unauthenticated content"
"You have requested an encrypted page that contains some unencrypted information. Information that you see or enter on this page could easily be read by a third party."
And if I send the form, I get a dialog box that says
"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party."
Any suggestions?
Jim
Hi jpschwartz,
Could be the imageverification image?
There was another thread about this a few months ago if I recall correctly.
Bob
Could be the imageverification image?
There was another thread about this a few months ago if I recall correctly.
Bob
Hi Jim,
I believe this was related to the $live_site setting within your configuration.php file. Setting this variable to a non-empty string will cause Joomla to use this URI for resources such as javascripts and CSS, rather than the actual URI used by the visitor - effectively counteracting any "force SSL" settings.
As such, although you visit the page using an SSL-enabled URI, resources such as javascripts will be included with a non-SSL URI - which in it's turn causes many browsers to warn the user about insecure content.
/Fredrik
I believe this was related to the $live_site setting within your configuration.php file. Setting this variable to a non-empty string will cause Joomla to use this URI for resources such as javascripts and CSS, rather than the actual URI used by the visitor - effectively counteracting any "force SSL" settings.
As such, although you visit the page using an SSL-enabled URI, resources such as javascripts will be included with a non-SSL URI - which in it's turn causes many browsers to warn the user about insecure content.
/Fredrik
This topic is locked and no more replies can be posted.