Problem with HTTPS

[jorge.rodriguez.cros]

When I activate the https on my website I get this error:

 

XMLHttpRequest cannot load https://www.zapatosdetallagrande.com/xxl/?controller=cart&ajax=true&token=0a97df7084e9979f5fcb790710e8d736&_=1389955192601. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.zapatosdetallagrande.com' is therefore not allowed access.

 

I have googled it and read it might be related to making https  calls through ajax when connected through http, so I think this comes from the shopping cart, but I'm not sure how to fix it. Can anybody help?

 

My shop: www.zapatosdetallagrande.com

 

Thanks in advance,

[jorge.rodriguez.cros]

The error just seems to appear on Chrome, not Firefox or IE.

[vekia]

it's related to browser "mixed-content" filtering.

it's not possible to "connect" to unsecured content while you're browsing "secured" website.

 

turn off maintenance mode, i will be able to inspect it, now i can't due to restricted access.

[jorge.rodriguez.cros]

Thanks Vekia, I thought the shop was activated already. It is activated now.

[vekia]

i checked it.

something calls this url right after page load

 

i suppose that this is related to ajax-cart.js file

// cart to fix display when using back and previous browsers buttons
	refresh : function(){
		//send the ajax request to the server
		$.ajax({
			type: 'GET',
			url: baseUri,
			async: true,
			cache: false,
			dataType : "json",
			data: 'controller=cart&ajax=true&token=' + static_token,
			success: function(jsonData)
			{
				ajaxCart.updateCart(jsonData);
			},
			error: function(XMLHttpRequest, textStatus, errorThrown) {
				//alert("TECHNICAL ERROR: unable to refresh the cart.\n\nDetails:\nError thrown: " + XMLHttpRequest + "\n" + 'Text status: ' + textStatus);
			}
		});
	},

it trying to load controller=cart from homepage, it autoamtically redirect to https connection

[jorge.rodriguez.cros]

Hi,

 

Thanks Vekia. You're right, it's this call that's causing the error, when I comment it out the error disappears. I'm not sure why, though, if I add an alert(baseUri) to the refresh function, it's calling http, not https... so I don't really understand. 

Anyway I'll see if commenting out this call to refresh causes any problem (this is a template I downloaded, so I'm not sure why this is being done).

 

Jorge

[vekia]

it's because prestashop has got redirection,

cart page are usually secured (with ssl mode on)

if you're browsing unsecured page - it use unsecured url in this variable. So in effect, you trying top open "unsecured" cart page, and prestashop creates automatic redirecton.

this is why you see this error.

[jorge.rodriguez.cros]

Ok, thanks Vekia.

[mir-aus]

Hi 

I have similar problem in product page  (http://continuousinksupplysystem.com.au/en/10042759-ink-system-suits-brother-mfc-j4710dw.html):

 

error is:

 

XMLHttpRequest cannot load https://continuousinksupplysystem.com.au//modules/paypal/express_checkout/a…p?get_qty=1&id_product=10042759&id_product_attribute=20559&_=1414821825626. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://continuousinksupplysystem.com.au' is therefore not allowed access. 

 

can you help me please.