I keep getting that pesky "...the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party..." warning whenever I try to use my search function.

This does not happen in IE 5.5 or IE 6. It DOES happen with Mozilla Firefox 1.5 .

I have checked and rechecked my domain settings to make sure the secure graphics points to a secure address.

I have made sure that all graphics use global url's. I have turned off global headers and footers, navbar, and everything else besides the head and body tags trying to track this down, and I still get the error.

I can go to account information, the basket, and the checkout without errors, just whenever I try and use the search function from any page do I get an error and then only with Mozilla.

Where do I look next?

That error is usually caused by your being on a secure https:// page and then typing data into a form whose action is a http:// page. You could change your search box's form action to use your secure URL, or you could make sure your store is running in insecure mode on all normal shopping pages, which is recommended anyway for performance.

Thanks for your reply.

This is the code where I call the search action:

<form method="post" action="http://www.cotton-tails.com/mm5/merchant.mvc?" name="MiniSearch">
<input type="hidden" name="Store_Code" value="&mvte:store:code;" />
<input type="hidden" name="Screen" value="SRCH" />
Search the store:<br />
<input type="text" name="Search" size="20" value="Enter keywords" onFocus="document.MiniSearch.Search.value='';" /><br />
<input type="Submit" Value="Go" />
</form>

I call this from unsecured pages. Just for fun, I put the call on a secured page and got the same error.

Your store's insecure graphics path in the domain settings is set to:

https://ssl4.westserver.net/cotton-tails.com/mm5/

That's causing the page to be treated as secure even though the visible URL still says http://www.cotton-tails.com/

gives self dummy slap!!!

Thanks!

Opps, jumped the gun there.

A quick check of my domain settings shows:
Base URL for Graphics: http://cotton-tails.com/mm5/
Secure Base URL for Graphics: https://ssl4.westserver.net/cotton-tails.com/mm5/

My understanding is that this is as it should be.

Hmm, that doesn't make sense; if I click around on the site it always has <base href="https://ssl4.westserver.net/cotton-tails.com/mm5/"> set in the top and it should not do that on regular insecure pages. Try logging into your store admin securely and insecurely and see if the settings change from one to the other; I've heard of some hosts having a setup where you have to only use the admin in secure mode for whatever reason or you can end up with unusual behavior like this.

I hadn't noticed that before. I've taken it up with my hosting service since they set the account up for me in the first place. They are suppose to provide me with Miva support, but their support has been rather spotty at best.