Ajax, JQuery Validate and Https

silversurfer5150 · March 7, 2012, 2:31pm

Hi guys,

On the final page of my checkout, I have included the JQuery validate plugin and my ssl certificate is showing as secured on every page in the payment process.

Anyway, if I input the form data and deliberately leave a mistake( so that it doesn’t process the order), as soon as validate kicks in my site shows up in browser as only partially encrypted. Can anybody help me?

Here is the code:



    $('#details').validate({

       // validation of sensitive data done here

        },

        success: function(label) {

          label.text('OK!').addClass('valid');

        },

       submitHandler: function(form) {

           // do other stuff for a valid form

              $holder = ($('#details').serializeArray()); //gets everything from the form and puts it in associative array (holder)

        $.ajax({
            type: 'POST',
            url: 'index.php?route=payment/check/confirm',     //send array data to payment/check method confirm
                data: $holder,
            success: function() {
                location = 'index.php?route=checkout/success';
            }
        });
     }

Paul_Wilkins · March 7, 2012, 9:47pm

I don’t think that it’s possible to determine from what you have there, what’s causing the problem.

A test web page that exhibits the issue will allow is to dig deeper and find out what being accessed from a non-secure location.

silversurfer5150 · March 7, 2012, 10:22pm

Hi Paul,

Thanks, I have inspected it closely using the network tab on firebug and I can’t see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running. When you first arrive on this page, it is padlocked.

You try to send the form with an error, validate stops it and the instant that this happens the padlock is gone.

I can send you a link but it will be lots of hassle for you to register and then buy something. Can you suggest anything about the way that validate works which could potentially breach the https protocol?

Do you think that I can see everything that is going on with firebug or do I need to use something like wire-shark to watch the traffic?

thanks

Will

Paul_Wilkins · March 7, 2012, 10:23pm

Not personally, but what I would do is to single-step through the code, or set breakpoints, until I come across that which causes the breach to occur.

silversurfer5150 · March 15, 2012, 11:53am

OK for anyone else who has this problem, remember to secure the actual check mark image that validate adds when data is correct. In my case I had secured every other image(using https full urls) but this one was in a separate folder so don’t forget to make that image path secure too.

tongdonny · March 15, 2012, 3:03pm

silversurfer5150:

Hi Paul,

Thanks, I have inspected it closely using the network tab on firebug and I can’t see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running. When you first arrive on this page, it is padlocked.

You try to send the form with an error, validate stops it and the instant that this happens the padlock is gone.

I can send you a link but it will be lots of hassle for you to register and then buy something. Can you suggest anything about the way that validate works which could potentially breach the https protocol?

Do you think that I can see everything that is going on with firebug or do I need to use something like wire-shark to watch the traffic?

thanks

Will

I can’t see any insecure content. I have already taken great trouble to keep the checkout secure by using relative paths for everything and I get a secure padlock on every stage except for the one with validate running.

Paul_Wilkins · March 15, 2012, 10:19pm

In that case the more eyes the better. Are we able to take a look?