I'm running into a problem with Firefox (23) blocking mixed content. I have one payment/registration page set up to use https and that's working. But when I click the submit button Firefox blocks the transaction from occurring because of mixed content. (I'm just doing test transactions at the moment.) Here's more info on this blocking:
In Chrome the transaction goes through, but with a scary yellow <!> warning saying that it was not secure:
"Your connection to [yourdomain.org] is encrypted with 128-bit encryption. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page."
If I set my whole site to use https instead of just that page, the problem does not occur. But I don't want my whole site to use https if I can avoid it, since there are already links out there using http and I don't want anyone to link to any other pages using https.
Is there a way to get WP-Stripe to not serve mixed content and avoid being blocked or generating scary warnings from browsers? (I'm guessing that it's just some AJAX content related to the "success" message" that's being sent via http/unsecured?)
(Also, I am using the [wp-legacy-stripe] shortcode, in case that's relevant.)