Magento - Why is wishlist under https protection? - Security - eCommerce Software for Growth

Log In

Username or Email

Password:

Forgot Password

or
Register

Skip to site navigation »
Skip to main content »
Skip to footer content »

Magento Forum

Why is wishlist under https protection?

robbie_smith Total Posts: 95 Joined: 2011-06-21 Ignore user	That’s really stupid if I can give an opinion. There’s nothing secure about this except maybe perhaps the part where email addresses are entered. In my theme/layout/customer.xml I have this: `<customer_logged_in> <reference name="top.links"> ... <action method="addLink" translate="label" module="wishlist" ifconfig="wishlist/general/active"> <name>Wishlist</name> <path>wishlist/</path> <label>My Wishlist</label> <position>20</position> </action> </reference> </customer_logged_in>` I’ved trued using <url helper="customer/getWishlistUrl" /> but that turned up to not work. I checked the app/code/core/Mage/Customer/Block/Account/Dashboard.php and the function getWishlistUrl() has array(’_secure’ => true). If I want to change this is, do I need to create a local folder copy with that array value to false?
	Posted: November 16 2011 \| top

robbie_smith Total Posts: 95 Joined: 2011-06-21 Ignore user	slap me silly and shove a crow bar up my nose. I tried to undo this and literally place http://blah.blah.com/wishlist in the links.phtml page we’ve customized and Magento still insists that the wishlist must be over https encryption. Anyone from Magento care to chime in on the reasoning? I don’t feel this needs to be encrypted. If it needs to be encrypted then I need a darn good reason why. I’m on 1.4.2
	Posted: November 17 2011 \| top \| # 1

tzyganu Total Posts: 2168 Joined: 2009-11-18 Bucharest, Romania Ignore user	Try removing these lines: `<secure_url> <wishlist>/wishlist/</wishlist> </secure_url>` from app/code/core/Mage/Wishlist/etc/config.xml Signature http://marius-strajeru.blogspot.com/ Check out the Ultimate Module Creator: on magento connect on github
	Posted: December 14 2011 \| top \| # 2

robbie_smith Total Posts: 95 Joined: 2011-06-21 Ignore user	Cool. That seems to have an affect in my localhost edition. Cheers,
	Posted: December 14 2011 \| top \| # 3

Magento Community

Magento Community

Back to top

security functions of Magento