I found that ajaxToCart has built-in ssl functions, but if the theme developer is lazy, they may have neglected to include code that tells ajaxToCart that ssl is enabled. I found it in the following code from ajax_cart_super.js.
function ajaxToCart(url,data,mine) { var using_ssl = $jq('.using_ssl').attr('value'); if(using_ssl==1) { url = url.replace("http://", "https://"); } .. .. }
As you can see, ajaxToCart will replace http with https, but only if there is an element with the class use_ssl and value = 1. The developer who created my theme did not include this element, so when the ajax request points to an unprotected page that needs to be protected the ajax answer will not work in jquery.
So, for me, the quick solution was to simply add this element to my pages. I know that ssl will always be enabled on this site, so I just encoded it into my template, as shown below.
<input type="hidden" class="using_ssl" value="1" />
Once that was there, javascript took the value and made a replacement. So now this works great for me, just adding this to the template. If you are a theme developer and want users to be able to turn it on and off, you can check the settings in the administrator. Although you may find yourself in an unsafe page, it will tell you if ssl is included in the backend, which will require the addition of this fix.
I have not tested the following, but I think it will look something like this ...
if(Mage::app()->getStore()->isCurrentlySecure()){ echo '<input type="hidden" class="using_ssl" value="1" />'; }
By the way, after many years of evaluating stackoverflow solutions, I am doing my first post here. Thanks to all the contributors, the help is excellent, and I will try to return it now. :)