where we define checkout page has to be https

Question

If we enable https in our site at admin apnel then home page and checkout pages will run under https and other page will run under http only. So in which page we make this settings? I know by default magento provides this, But I need to know in which file this configuration will de defined?

Answer 1

The configuration for certain pages to be secure is done in the config.xml file of each module. Let's take as example the checkout page. In app/code/core/Mage/Checkout/etc/config.xml there is this:

<frontend>
    <secure_url>
        <checkout_onepage>/checkout/onepage</checkout_onepage>
        <checkout_multishipping>/checkout/multishipping</checkout_multishipping>
    </secure_url>
    ....
</frontend>

This tells Magento that the pages /checkout/onepage and /checkout/multishipping should be secure if HTTPS is enabled.
The decision if an url is secure or not is made by this line:

$this->_checkShouldBeSecure($request, '/'.$module.'/'.$controller.'/'.$action);

in Mage_Core_Controller_Varien_Router_Standard::match() method