SGP Store No SSL?

Discussion in 'iPhone Accessories' started by Kliphten, Jan 18, 2011.

  1. Kliphten Guest

    Joined:
    Sep 20, 2009
    #1
    I was just going through a checkout on the SGP store and noticed they don't have SSL. Anybody have any issues with this?
     
  2. EBS macrumors newbie

    Joined:
    Dec 30, 2010
    #2
    I can't guarantee this is the issue, since I have not gone through their checkout process, but here is what I am guessing is happening:

    If a website is using SSL, traffic must be served through https:// rather than http://. If any element of the page being served is requested through regular http://, you will get a warning saying that not all aspects of the page are secure (even if the element in question has no need to be served over https://).

    This usually happens due to some back-end coding using absolute, rather than relative addresses for paths of files (images, xml files, etc). When an absolute path is used, if the "s" is forgotten on the end of the http (common mistake by even seasoned developers), this issue will appear. Relative paths do not have this problem, as they will always simply use the location of the containing page, (https://xxxxx.xxx/xxxxxxxx/xxx/xxxx) as the beginning of the path, so the https:// is used.

    Long story short, if you are getting a message that just says some elements may not be secure, I wouldn't worry about it. However, if the page itself is not even using SSL (if the address bar reads http:// and not https:// when on the page you are entering your CC#, etc. on), then I would stay away.

    Not that it means much, but it does say they use SSL if you click on their "WebTrust" logo in the footer, so I'm guessing the issue I described is happening.
     
  3. SchneiderMan macrumors G3

    SchneiderMan

    Joined:
    May 25, 2008
    Location:
    Apple state
    #3
    No HTTPS in your URL bar - not secured. Btw just checked it out and it isn't secured.
     
  4. EBS macrumors newbie

    Joined:
    Dec 30, 2010
    #4
    Yeah, I actually had some time to check it out this morning, and SchneiderMan is right, they don't appear to be using it in their checkout pages, even on the CC information page. :eek:

    I know they switched to MagentoCommerce for their storefront a few months ago...they must have never activated/configured the SSL on it. Very surprising.
     

Share This Page