Announcement

Collapse
No announcement yet.

Insecure form call

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Insecure form call

    Hello

    I have a search box that does
    <form method="post" action="&mvt:global:sessionurl;">
    <input type="hidden" name="Store_Code" value="&mvte:store:code;">
    <input type="hidden" name="Screen" value="SRCH">
    <input type="text" name="Search" size="18" value="" placeholder="Search XXX">
    </form>

    When I do a htpps:// to the site I get a yellow triangle saying there are insecure items on thepage. On further investigation it said insecure form post and this is the only form I found.

    Is this secure? If not how do I make it secure?

    Thanks
    Sam

    #2
    Re: Insecure form call

    The browser is giving you that error because you are on a secure page but the form action is not secure.

    There are two ways to fix it:

    1. Make the form action domain relative:

    <form method="post" action="//www.domain.com/mm5/merchant.mvc?">

    2. Or add a conditional to change the URL to be secure if you are on https:

    Code:
    
    <mvt:if expr="NOT ISNULL g.secure">
    	<form method="post" action="&mvt:global:secure_sessionurl;">
    <mvt:else>
    	<form method="post" action="&mvt:global:sessionurl;">
    </mvt:if>
    Last edited by Brennan; 12-02-14, 12:20 PM.
    Brennan Heyde
    VP Product
    Miva, Inc.
    [email protected]
    https://www.miva.com

    Comment


      #3
      Re: Insecure form call

      That worked.
      Thanks
      Sam

      Comment

      Working...
      X