[ic] "Secure" basket

[Jamie Neil]

> -----Original Message-----
> From: interchange-users-admin@icdevgroup.org
> [mailto:interchange-users-admin@icdevgroup.org]On Behalf Of Jonathan
> Clark
> Sent: 29 May 2003 15:05
> To: interchange-users@icdevgroup.org
> Subject: RE: [ic] "Secure" basket
>
>
> > I've just enabled ssl on my site for the first time, and have
> discovered a
> > rather annoying problem that didn't show up beforehand.
> >
> > When the user goes to the basket page, the URL is insecure which
> > is correct.
> > When they click through to the checkout the secure=1 on the form passes
> > control to the secure pages which is also correct.
> >
> > The problem is that if the user clicks recalculate, empty basket
> > or continue
> > shopping in the basket page, they are redirected to the secure
> site rather
> > than the normal one. I checked the demo site at icdevgroup and
> it behaves
> > the same way.
> >
> > The only way around this that I can think of is to insert an
> intermediate
> > page between the basket and the checkout that handles the move
> from secure
> > to insecure more gracefully.
>
> I guess the fastest would be to force the basket to always be
> secure using,
> er, AlwaysSecure:
>
> http://www.icdevgroup.org/i/dev/docfly.html?mv_arg=icconfig05%2e04

Hi Jonathan,

I considered that, but if a customer is browsing, then dropping from secure
to insecure and back  again can be a bit irritating, especially if IE is
configured to ask permission on each transition.

I checked out a few other sites, and they seem to either have the same
"problem" as the foundation demo, or they use multistage checkouts and have
removed the secure tag from the basket page entirely (although this means
the first stage of the checkout is insecure until you do a submit or
refresh).

Jamie

>
> Jonathan
> www.webmaint.net
>
>
> _______________________________________________
> interchange-users mailing list
> interchange-users@icdevgroup.org
> http://www.icdevgroup.org/mailman/listinfo/interchange-users
>