| Author |
 Topic  |
|
|
telesites net
Starting Member
USA
46 Posts |
 Posted - April 25 2007 : 22:01:22
|
Hello,
Does anyone know the reasoning why the file shopthanksmerchant.asp is still in HTTPS:// mode after the sale? This seems rather odd and is the cause of many problems with our clients who use the shop.
So many of the Search Engine conversions and Analytics code bits are inserted into this page and while most offer the option of SSL versions of their code, a few do not. It certainly would be easier on everyone if the shop left the SSL mode after the payment page was completed and went back to standard HTTP at the Thank You page.
Anyone know how we can do this or tell us the reasoning as to why that shopthanksmerchant.asp page would need to be in SSL mode?
Thanks in advance for your time.
www.TELEsites.Net
Set your sites here! |
|
|
dafragan
Starting Member
45 Posts |
Posted - April 26 2007 : 01:43:33
|
Hi!
I think that if you go from an SSL page to a non-SSL page you're going to get one of those security alerts from your browser. I think that's probbaly the main reason it stays in SSL mode.
All of the extras that analytics and things like that need you to add in all have SSL versions of their snippets - try adding those into your pages instead and you should get no errors.
I hope that helps!
Seb |
 |
|
|
Kidd
VP-CART Super User
Australia
373 Posts |
Posted - April 26 2007 : 01:46:20
|
because the return url hasnt been set to your normal http
|
Edited by - Kidd on April 26 2007 01:47:33 |
|
|
|
devshb
Senior Member
United Kingdom
1904 Posts |
Posted - April 26 2007 : 01:49:11
|
yep; I'd agree with that too; if the customer gets a "you are leaving a secure area" warning before they physically click on a panel/continue link after returning to your site from the payment pages, then they'd probably become worried.
what you'd normally do would be to make it so that whenever they click-away from the thanks page, it'd then put them back onto the non-ssl area for the link that they've clicked on.
Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons |
|
|
|
telesites net
Starting Member
USA
46 Posts |
Posted - April 26 2007 : 02:15:04
|
Thank you for the replies.
Perhaps I didn't make this very clear. Once a customer hits the submit button on the payment page - VPASP sends them to the shopthanksmerchant.asp page but leaves them in HTTPS mode. The program could just as easily send them to the same page in HTTP mode. I don't know that they would get a "now leaving a secure area" message before seeing the thank you page. Even if they did - they ARE leaving a secure area (the secure part is over; payment is all done). In the end, the secure Thank You page seems to just be a annoyance, forcing people to have to get the secure snippets from all the Conversion and Analytics that they want to include, when that is not really needed if the path just simply pointed to a standard HTTP page.
Perhaps someone from VPASP will she some light on this or at least tell us how we can change it.
www.TELEsites.Net
Set your sites here! |
Edited by - telesites net on April 26 2007 02:15:48 |
|
|
|
support
Administrator
4679 Posts |
Posted - April 26 2007 : 02:21:00
|
Hi there,
The flow goes from the check out page to the shopthanks page, not shopthanksmerchant. What everyone has added above is correct about getting a pop up message.
You could change this if you like however I also believe it would not be a good thing for your customers to see.
I would ask your conversion partners to simply provide you with an SSL link for you to use.
Thank you
VP-ASP Support |
|
|
|
telesites net
Starting Member
USA
46 Posts |
Posted - April 26 2007 : 02:47:21
|
If the VPASP program instructed the buyer's browser to go to the shopthanks page in HTTP mode - why would it pop up a message saying it was leaving SSL?
What is on the shopthanks page that VPASP feels it has to be in HTTPS mode?
All our conversion partners can provide us with SSL code but why bother with that extra step (or 5 extra steps in our case) if it simply isn't needed?
www.TELEsites.Net
Set your sites here! |
|
|
|
devshb
Senior Member
United Kingdom
1904 Posts |
Posted - April 26 2007 : 03:37:02
|
the popup warning will usually come up regardless of whether you explicitly move from ssl to non-ssl (eg by clicking on a link) or if the asps automatically move from you from ssl to non-ssl.
whenever you move off ssl you'd get a warning (depending on your browser settings)
the thanks page does pretty much everything, so it should definitely be on ssl. I wouldn't want to go into more detail than that because of hackers who might be passing through the forum, but keep the thanks page secure if the rest of your payment/order pages are secure.
Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons |
Edited by - devshb on April 26 2007 03:38:49 |
|
|
|
telesites net
Starting Member
USA
46 Posts |
Posted - April 26 2007 : 18:00:07
|
Thanks for the reply. I appreciate everyone's time.
www.TELEsites.Net
Set your sites here! |
|
|
| |
Topic |
|
All Forums
shopthanksmerchant.asp stays in SSL?
New Topic
Printer Friendly
TrustGuard - PCI Security Scanner
