[jira] [Commented] (WW-4774) Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues HTTPS to HTTP

Sat, 25 Mar 2017 09:18:01 -0700 

    [ 
https://issues.apache.org/jira/browse/WW-4774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15941778#comment-15941778
 ] 

Stefaan Dutry commented on WW-4774:
-----------------------------------

Can you please provide some additional information please.

What tags are on the page that could have created the url?


>From what i can tell you are located on 
  {{https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44}}
And somewhere on the page there is a url being used that is:
  {{http://XXX/XX/XX/viewdashboard?uar=44&Id=1}}

Would you have any idea where on the page that url could be located and by what 
tag it could be rendered?

You say this happens while being on the "create user" popup and trying to leave 
it, what happens during the leaving of the popup?
* is that a link that's being clicked?
** How is that link built?
** What tags are used and what attributes are set?
* is that a form that's being submitted?
** what tags are used and what attributes are set?
* how is the popup rendered?
** is it content from a remote url?
*** is that url {{https}} ?

> Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues  HTTPS to HTTP
> ------------------------------------------------------------------
>
>                 Key: WW-4774
>                 URL: https://issues.apache.org/jira/browse/WW-4774
>             Project: Struts 2
>          Issue Type: Bug
>            Reporter: upendar
>            Priority: Critical
>
> We are upgrading Struts2 from 2.3.1 to 2.5.10.1 ; redirect  making https:// 
> to http:// . The following errors in chrome and IE are seen while redirecting 
>  from the popup to main window
> redirecting  popup (create user) --- main window (viewdashboard)  - the URL 
> shows https:// to http://
> We are blocked completely due to this issue and need support ASAP. We also 
> reviewed the apache server configurations and looks good. Please share the 
> fix in detail.
> Error Issue in chrome :
> Mixed Content: The page at 
> 'https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44' was loaded over HTTPS, 
> but requested an insecure XMLHttpRequest endpoint 
> 'http://XXX/XX/XX/viewdashboard?uar=44&Id=1'. This request has been blocked; 
> the content must be served over HTTPS.
> Issue in IE
> SEC7127: Redirect was blocked for CORS request.
> File: account
> SCRIPT7002: XMLHttpRequest: Network Error 0x2ef1, Could not complete the 
> operation due to error 00002ef1.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to