Magento 1.9 – Contact Us and Add to Cart Forms Not Secure

magento-1.9magento-community

I have setup my site (Magento 1.9 CE) to use SSL. This was done in the configuration (System > Configuration > Web > Secure) and with Apache redirects.

When browsing the site, the browser (Chrome) marks Contact Us and Product View pages to have insecure content.

Both of these are related to the submit form. Upon closer inspection of the template files:

/template/contacts/form.phtml

<form action="<?php echo $this->getFormAction(); ?>" id="contactForm" method="post">

/template/catalog/product/view.phtml

<form action="<?php echo $this->getSubmitUrl($_product) ?>" method="post" id="product_addtocart_form"<?php if($_product->getOptions()): ?> enctype="multipart/form-data"<?php endif; ?>>

While I realize I could simply change the form actions with getUrl(), I was wondering if there is a right way to fix this considering this was core code.

Best Answer

Create custom module and add

Config.xml

<?xml version="1.0"?>
<config>
    <modules>
        <Fishpig_CartSecure />
    </modules>
    <frontend>
        <secure_url>
            <checkout_cart_add>/checkout/cart/add</checkout_cart_add>
            <contacts>/contacts</contacts>
        </secure_url>
    </frontend>
</config>

See Secure HTTPS Magento Shopping Cart

Related Topic