Low Search breaking SSL (no green padlock on Chrome)
After commenting out various bits of my code to try and track down which part of my source code was causing Chrome to not display my https page with a green padlock, I noticed that it was the Low Search Forms. I think it's because the action was going to an insecure page.
I tried force_protocol="https" but this didn't help (the action was still the same).
In the end I was able to work around it using form_action="/" to force it to add a second action to the form, but obviously this shouldn't have two actions. What I really need is for it only to search over SSL when the page is over SSL (since I only really need SSL for the donation page on my site). Is this a bug or have I missed something?
Replies
Low 6 Nov 2014 17:15
Low Search uses EE's form_declaration() method to generate the form. That uses the 'site_url' config setting to determine the action of the form tag. If you can add the https protocol to that URL, the same should be added to the form's action attribute.
The force_protocol="" is used for the
boilerroomdigital 6 Nov 2014 17:24
Ah, OK - that makes sense. BTW, this add-on fixed the issue:
http://devot-ee.com/add-ons/force-ssl
(The extension updates the form actions if you're viewing over SSL).
Thanks for your response.