May be a cache problem.
If you use SSL and non-SSL on the same Drupal site, generated cache (IE. nodes texts and blocks content, even full pages in aggressive caching mode) will randomly carry https:// or http:// URLs.
In fact, if a use browse the site with https://, the url() function will put https:// absolute URL for files (and whenever the coder asked the url() function to do an absolute URL) in rendered content, then save it in cache. The result is, when a user will visit the site with http:// (non-SSL mode), content got back from cache will display https:// because of this wrong cache. The opposite operation also works, the first user to hit the content (https or not) will generate the cache.
In the company I work for, we encounter this problem a lot, we finally decide to use multi site for SSL and non-SSL mixed sites, with a different domain name (IE mydomain.tld and secure.mydomain.tld), both sites using the same database with the same prefix, except for cache tables. With this method, a user hitting the site with SSL mode will write cache for SSL browsers only and vice-versa.
You might try using no cache at all, or emptying your cache at each request to be sure this is what's messing it up.
Pierre.
On Sat, 2009-05-16 at 17:39 -0400, Joseph Yamada wrote:
... this is bad, I won't be able to deploy to production until I fix this.
I've configured mod_ssl with my apache to require my drupal site to run in SSL.
And then I changed my login form to post back in https all the time $form = array( '#action' => preg_replace('/^http:/', 'https:', url($_GET['q'], drupal_get_destination(), null, true)), );
So my logins are encrypted.
So I'm on the site and https is encrypting the GETs, but then I change a form, say my profile page, then I post anything back to the server and my browser says I am sending text in the clear, non-encrypted.
Does this mean I need to rewrite the form posts for every form post page ?
Has anyone seen this, please assist a fellow Drupal user,
-- [ Drupal support list | http://lists.drupal.org/ ]