Lesti_Fpc icon indicating copy to clipboard operation
Lesti_Fpc copied to clipboard

Published 20 hours ago verified publisher icon GordonLesti

Error in SSL site

Open informundo opened this issue 9 years ago • 5 comments

when I switch from a secure page to an unsecured, it gives me this error. It tries to load a resource from an address in a non-ssl SSL page XMLHttpRequest cannot load https://www.navatiendas.es/skin/frontend/em0132/default/css/less/functions.less. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.navatiendas.es' is therefore not allowed access.

Test with Lesti 1.4.1 to 1.4.5

informundo avatar Feb 23 '16 20:02 informundo

Hello @informundo sorry to ask that, but does the error also appear with disabled FPC? Cause Fpc isn't modifying the header of static files.

GordonLesti avatar Feb 24 '16 08:02 GordonLesti

Yes. With FCP disabled does not show the error and the page is displayed correctly

informundo avatar Feb 24 '16 10:02 informundo

Can you enable Fpc again? I would like to take a look again. Just in general, I guess you have a problem with switching the protocol. For example:

Mixed Content: The page at 'https://www.navatiendas.es/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.navatiendas.es/ajaxblock/?data=eyJ0eXBlIjoidGFic1wvZ3JvdXAiLCJ0a…I4IiwidGVtcGxhdGUiOiJlbXRhYnNcL2dyb3VwLnBodG1sIiwiYWpheGJsb2NrIjp0cnVlfQ=='. This request has been blocked; the content must be served over HTTPS.

GordonLesti avatar Feb 24 '16 10:02 GordonLesti

Ok. Now is enable. It does not happen every time. You may have to enter a secure page and return for example at home several times

informundo avatar Feb 24 '16 12:02 informundo

I find this happens when block html cache is enabled and you happen to load the http site first.

Disabling html block cache solves this issue entirely for me, something is up with it in combination with LestiFPC I find.

Quazz avatar Dec 26 '16 11:12 Quazz