Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
SGP Store No SSL?
- Thread starter Kliphten
- Start date
- Sort by reaction score
I can't guarantee this is the issue, since I have not gone through their checkout process, but here is what I am guessing is happening:
If a website is using SSL, traffic must be served through https:// rather than http://. If any element of the page being served is requested through regular http://, you will get a warning saying that not all aspects of the page are secure (even if the element in question has no need to be served over https://).
This usually happens due to some back-end coding using absolute, rather than relative addresses for paths of files (images, xml files, etc). When an absolute path is used, if the "s" is forgotten on the end of the http (common mistake by even seasoned developers), this issue will appear. Relative paths do not have this problem, as they will always simply use the location of the containing page, (https://xxxxx.xxx/xxxxxxxx/xxx/xxxx) as the beginning of the path, so the https:// is used.
Long story short, if you are getting a message that just says some elements may not be secure, I wouldn't worry about it. However, if the page itself is not even using SSL (if the address bar reads http:// and not https:// when on the page you are entering your CC#, etc. on), then I would stay away.
Not that it means much, but it does say they use SSL if you click on their "WebTrust" logo in the footer, so I'm guessing the issue I described is happening.
If a website is using SSL, traffic must be served through https:// rather than http://. If any element of the page being served is requested through regular http://, you will get a warning saying that not all aspects of the page are secure (even if the element in question has no need to be served over https://).
This usually happens due to some back-end coding using absolute, rather than relative addresses for paths of files (images, xml files, etc). When an absolute path is used, if the "s" is forgotten on the end of the http (common mistake by even seasoned developers), this issue will appear. Relative paths do not have this problem, as they will always simply use the location of the containing page, (https://xxxxx.xxx/xxxxxxxx/xxx/xxxx) as the beginning of the path, so the https:// is used.
Long story short, if you are getting a message that just says some elements may not be secure, I wouldn't worry about it. However, if the page itself is not even using SSL (if the address bar reads http:// and not https:// when on the page you are entering your CC#, etc. on), then I would stay away.
Not that it means much, but it does say they use SSL if you click on their "WebTrust" logo in the footer, so I'm guessing the issue I described is happening.
Yeah, I actually had some time to check it out this morning, and SchneiderMan is right, they don't appear to be using it in their checkout pages, even on the CC information page.
I know they switched to MagentoCommerce for their storefront a few months ago...they must have never activated/configured the SSL on it. Very surprising.