View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001271 | OXID eShop (all versions) | 1. ----- eShop frontend ----- | public | 2009-09-01 12:17 | 2012-12-10 14:17 |
| Reporter | andreas_ziethen | Assigned To | |||
| Priority | high | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Summary | 0001271: images and css-files are not taken via SSL and from wrong domain | ||||
| Description | Set up the following: 1 main shop - not online, with own domain, no ssl, only used for administration 1 (or more) subshop(s) - online, with own domain, configured with ssl-addresses Now go into the order process and look at the html source code: all the images and the css-file, too, are taken from the non-ssl address of the main shop, which is fatal cause this causes security warnings in all IE versions. You can sort of fix this if you put an sll-address into config.inc.php for the main shop - BUT: This is NOT a real solution because images and css-files should be taken using the REAL subshop domain, not the main-shop one. For example: there are scenarios out there where it is very important that no connection between shop 2 and shop 3 can be seen. So having them both using same URLs for images and css files is a No-Go! | ||||
| Tags | Subshops | ||||
| Theme | |||||
| Browser | All | ||||
| PHP Version | 5.2.6 | ||||
| Database Version | 5.0.33 | ||||
| duplicate of | 0000837 | resolved | alfonsas_cirtautas | Native shop images for subshops: method oxconfig::getPictureUrl() does not pass parameter $blNativeImg |
| related to | 0001352 | resolved | vilma_liorensaityte | Oxconfig::getCoreUtilsUrl() returns wrong URL-Domain in mall-shops |
|
|
Might be connected to 0000761. I think there's still a bug in oxconfig::isSsl(): $this->getConfigParam( 'sSSLShopURL') should NOT be taken to check if SSL is configured cause the main shop - and so the config.inc.php - might not have SSL configured, but the subhops have! |
|
|
Duplicate of 0000837 |
|
|
Sorry, but I cannot see why this should be a duplicate of 0000837. Have a look at oxconfig::isSsl(). There you can find this one: --------------------------------------------------------- $this->_blIsSsl = ( isset( $aHttpsServerVar ) && $this->getConfigParam( 'sSSLShopURL' ) && ( $aHttpsServerVar == 'on' || $aHttpsServerVar == '1' ) ); // 1&1 provides "1" ----------------------------------------------------------- $this->getConfigParam('sSSLShopURL') takes the value set in in config.inc.php - and not the subshop config. And THIS - I think - is the main problem. |
|
|
@Developers: please check this case as described in Andreas' comment. Also pay attention to the parameter sMallSSLShopURL. |
|
|
Updated method oxconfig::isSsl() - now it checks not only main shop ssl url but if is defined subshop ssl url. |
