SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Evangelist silversurfer5150's Avatar
    Join Date
    Aug 2010
    Posts
    534
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Ajax, JQuery Validate and Https

    Hi guys,

    On the final page of my checkout, I have included the JQuery validate plugin and my ssl certificate is showing as secured on every page in the payment process.

    Anyway, if I input the form data and deliberately leave a mistake( so that it doesn't process the order), as soon as validate kicks in my site shows up in browser as only partially encrypted. Can anybody help me?


    Here is the code:

    PHP Code:

        
    $('#details').validate({

           
    // validation of sensitive data done here

            
    },

            
    success: function(label) {

              
    label.text('OK!').addClass('valid');

            },

           
    submitHandler: function(form) {

               
    // do other stuff for a valid form

                  
    $holder = ($('#details').serializeArray()); //gets everything from the form and puts it in associative array (holder)

            
    $.ajax({
                
    type'POST',
                
    url'index.php?route=payment/check/confirm',     //send array data to payment/check method confirm
                    
    data$holder,
                
    success: function() {
                    
    location 'index.php?route=checkout/success';
                }        
            });    
         } 
    "Persistence is the path to perfection"

  2. #2
    Unobtrusively zen silver trophybronze trophy
    paul_wilkins's Avatar
    Join Date
    Jan 2007
    Location
    Christchurch, New Zealand
    Posts
    14,729
    Mentioned
    104 Post(s)
    Tagged
    4 Thread(s)
    I don't think that it's possible to determine from what you have there, what's causing the problem.

    A test web page that exhibits the issue will allow is to dig deeper and find out what being accessed from a non-secure location.
    Programming Group Advisor
    Reference: JavaScript, Quirksmode Validate: HTML Validation, JSLint
    Car is to Carpet as Java is to JavaScript

  3. #3
    SitePoint Evangelist silversurfer5150's Avatar
    Join Date
    Aug 2010
    Posts
    534
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Paul,

    Thanks, I have inspected it closely using the network tab on firebug and I can't see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running. When you first arrive on this page, it is padlocked.

    You try to send the form with an error, validate stops it and the instant that this happens the padlock is gone.

    I can send you a link but it will be lots of hassle for you to register and then buy something. Can you suggest anything about the way that validate works which could potentially breach the https protocol?

    Do you think that I can see everything that is going on with firebug or do I need to use something like wire-shark to watch the traffic?

    thanks

    Will
    "Persistence is the path to perfection"

  4. #4
    Unobtrusively zen silver trophybronze trophy
    paul_wilkins's Avatar
    Join Date
    Jan 2007
    Location
    Christchurch, New Zealand
    Posts
    14,729
    Mentioned
    104 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by silversurfer5150 View Post
    I can send you a link but it will be lots of hassle for you to register and then buy something. Can you suggest anything about the way that validate works which could potentially breach the https protocol?
    Not personally, but what I would do is to single-step through the code, or set breakpoints, until I come across that which causes the breach to occur.
    Programming Group Advisor
    Reference: JavaScript, Quirksmode Validate: HTML Validation, JSLint
    Car is to Carpet as Java is to JavaScript

  5. #5
    SitePoint Evangelist silversurfer5150's Avatar
    Join Date
    Aug 2010
    Posts
    534
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK for anyone else who has this problem, remember to secure the actual check mark image that validate adds when data is correct. In my case I had secured every other image(using https full urls) but this one was in a separate folder so don't forget to make that image path secure too.
    "Persistence is the path to perfection"

  6. #6
    SitePoint Member
    Join Date
    Mar 2012
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by silversurfer5150 View Post
    Hi Paul,

    Thanks, I have inspected it closely using the network tab on firebug and I can't see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running. When you first arrive on this page, it is padlocked.

    You try to send the form with an error, validate stops it and the instant that this happens the padlock is gone.

    I can send you a link but it will be lots of hassle for you to register and then buy something. Can you suggest anything about the way that validate works which could potentially breach the https protocol?

    Do you think that I can see everything that is going on with firebug or do I need to use something like wire-shark to watch the traffic?

    thanks

    Will
    I can't see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running.

  7. #7
    Unobtrusively zen silver trophybronze trophy
    paul_wilkins's Avatar
    Join Date
    Jan 2007
    Location
    Christchurch, New Zealand
    Posts
    14,729
    Mentioned
    104 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by tongdonny View Post
    I can't see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running.
    In that case the more eyes the better. Are we able to take a look?
    Programming Group Advisor
    Reference: JavaScript, Quirksmode Validate: HTML Validation, JSLint
    Car is to Carpet as Java is to JavaScript


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •