http request on SSL secured page

Hello, i setup my multisite to take PayPal payments for the Pro Sites plugin, it is all configured like it should, but i am getting the following message when clicking the "PayPal Checkout" Button on the Pro Site Upgrade page /pro-site :
This is a non-secure form.
This form will be sent in a way that is not secure. Are you sure you want to send it?

I located the http request and it seems to be inside the <div id="gateways-1" class="gateway gateway-primary"> ... the form with the id="paypal-payment-form"

Changing the link inside the tag from http to https trough Google Chromes Developers Tool allowed me to submit the form...
Unfortunately this is as far as i can go, could you please add the https to the plugin to avoid this kind of problems? It's preventing me to use PayPal.

I will submit a link with the Support Access

Thanks for the support

  • Rupok

    Hi lopesV,

    If your network is configured over SSL, then it should automatically call HTTPS action link. However, I could tell you better about the issue if I could see it live, check your current configuration and make some tests on your site. I can see that you have already granted Support Access, but when I tried to access your site with Support Access, it's showing me the following error:
    This is an invalid access token. Please ask the user to grant access.

    Can you please revoke and grant us permission again so we can investigate the issue and try to resolve this? I'm looking forward to hearing from you and resolve this issue as soon as possible.

    Have a nice day. Cheers!
    Rupok

  • Nithin

    Hi lopesV,

    Hope you are doing good today. :slight_smile:

    I checked your website, and I created a test subsite(wptest), and it seems like I'm getting the following error, when I try to access the subsite dashboard:

    Is your SSL single certificate? You are required to have Wildcard SSL certificate, if you are looking to implement SSL in your subsites. Could you please check, and confirm whether this is the case?

    This is a non-secure form.
    This form will be sent in a way that is not secure. Are you sure you want to send it?

    And to resolve this, I could notice that half of the links in your main sites, are still loading through http. You'll have to make use of a plugin like SSL Insecure Content Fixer, so that the mixed content warnings are sorted:
    https://wordpress.org/plugins/ssl-insecure-content-fixer/

    Please let us know how that goes, have a nice day. :slight_smile:

    Kind Regards,
    Nithin

  • lopesV

    Hello, i dont think this really adresses my problem, my problem is not ssl on newly created sites as i will be creating sites by myself and adding a certificate to them by myself. I dont need my users to create sites on the fly, so their is no need for ssl.
    With the support access i shared a link to a page where my customer has to pay for the subscription to a site that i prepared for them, the page tells me in the developer console that the only link in that page that is not being passed trough https is a link created by the Pro Sites plugin.
    That is the issue that i am trying to have you address on my install, could you please take a look at that?
    Here is the error as it appears in the developer console:
    Mixed Content: The page at 'https://???.???/en/pro-site/?bid=28' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://???.???/pro-site/?bid=28'. This endpoint should be made available over a secure connection.

    Note that the subsite that i have created for my client and that they are supposed to pay for trough that link has a ssl certificate setup, so i don't see any need for a wildcard certificate.

    Regards

  • Nithin

    Hi lopesV,

    my problem is not ssl on newly created sites as i will be creating sites by myself and adding a certificate to them by myself. I dont need my users to create sites on the fly, so their is no need for ssl.

    Sorry for the delay, what I suggested in the previous reply would have cleared the mixed content error in general regrading to all your websites. Thanks for pointing out on how your configuration runs, since you have made that part clear, what I proposed wasn't required.

    Here is the error as it appears in the developer console:
    Mixed Content: The page at 'https://???.???/en/pro-site/?bid=28' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://???.???/pro-site/?bid=28'. This endpoint should be made available over a secure connection.

    I wasn't able to notice any mixed content error in your mentioned pro-site page. I also, tried to create a new site, and the PayPal checkout button was working without any issues.

    As Mentioned above, the plugin SSL Insecure Content Fixer, can fix such errors. It seems like the pages are working fine now, could you please check, and see whether it's working? If not, please advise what I'm missing, probably a screenshot could help in understanding what I'm missing here.

    Kind Regards,
    Nithin

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.