I have a site set to for https but when I include an amazon astore IFRAME using the initial page displays in the IFRAME but the http links that amazon has in the frame do not work. I presume they are being for to https in my domain RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} !/robots.txt RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Code (markup): or RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$ [NC] RewriteRule ^$ https://domain.com/$1 [R,L] Code (markup): but neither allows the astore iframe to work. This is on a word press site, but I hve created a separate test html file and even removed all htaccess lines and the astore frame still displays but the http links dont work Where else am I missing the http to https being forced?
Could you provide a link? Did you check the console log? Maybe you can trace the network activity in your browser and check if there are any permission errors (crossdomain problems in example)
The initial page display but if you click on one of the category links it goes blank If you click on one of the product links it works The only difference I see if product are https and category links are http If you open one of the category links in a new window, it works. If I place this same html in a domain that is not force https it works. But even after removing the .htaccess it still does not work on this domain. So I am at a loss as to whats is breaking it. If I place another site in the iframe ( I own , differant domain that is forced all https ) it works okay.
This testing was done in chrome In Edge and Internet explorer the products don't change when choosing a different category but the product links work.
Right, now i see the problem. If you check the console log after clicking one of the category links, you can see: Mixed Content: The page at 'https://www.aerating-thatching.com/tester.html' was loaded over HTTPS, but requested an insecure resource 'http://astore.amazon.com/aeraandthatco-20?_encoding=UTF8&node=4'. This request has been blocked; the content must be served over HTTPS. Code (markup): As you can see, the frame was loaded through https and the link you're clicking on is doing a non secure request. Did you try not using https? However, i suppose you will get the same error when clicking on a secure link (frame loaded with http, link with https). I'm not familiar with astore. I'm going to look into it
Problem is domain is force https and no control of amazon astore that has http and https. Is there any solution to the mixed content from my side , say that its allowed? or adding an exception to the .htaccess for a specific page to always be loaded as http which I am not familiar on how to do
I don't really the now. If you change the frame source from https to http, it works, but i understand you use https in your website. There is a good reason to use https on the website?
Other questions is how the the Actually the initial display of the astore is started with a https, it amazon the generates the http for categories and https for products best solution would be for amazon to fix the astore generation to follpw the initial request type. This on its own page so if that page ( like tester.html ) if that page could be not forced to https , would be a patch to the problem until amazon fixes problem.