struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "upendar (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4774) Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues HTTPS to HTTP
Date Sun, 26 Mar 2017 03:47:41 GMT

    [ https://issues.apache.org/jira/browse/WW-4774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15942117#comment-15942117
] 

upendar commented on WW-4774:
-----------------------------

The configuration is
ELB ---->Apache -- ELB -- UI Server (Jetty 8.1.4)
(https) -->http ---http>http  --- and the SSL is terminated at ELB.   The URL in the
browser shows HTTPS always when the application is opened in the browser.  I believe  acccountxxx.create
action is HTTPS since  on mainwindow  we have search page that is working fine and shows HTTPS
 in chrome developer tools. you can help me how to check to confirm - what code to add to
check  ?
 Also what class /library code to will change HTTPS to HTTP  for redirect url ? I see many
users raised questions on struts 2 HTTPS-HTTP but I didnt find any concrete answer for this.
could you check and let us know are there any specific migrations steps to be followed for
upgrade 2.3.1 to 2.5.10.1  since the same configurations in struts and apache server working
fine with 2.3.1  and why not for latest version?are there any specific code involved for this
change HTTPS to HTTP?

is 2.5.10.1 version is stable ?



> Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues  HTTPS to HTTP
> ------------------------------------------------------------------
>
>                 Key: WW-4774
>                 URL: https://issues.apache.org/jira/browse/WW-4774
>             Project: Struts 2
>          Issue Type: Bug
>            Reporter: upendar
>            Priority: Critical
>
> We are upgrading Struts2 from 2.3.1 to 2.5.10.1 ; redirect  making https:// to http://
. The following errors in chrome and IE are seen while redirecting  from the popup to main
window
> redirecting  popup (create user) --- main window (viewdashboard)  - the URL shows https://
to http://
> We are blocked completely due to this issue and need support ASAP. We also reviewed the
apache server configurations and looks good. Please share the fix in detail.
> Error Issue in chrome :
> Mixed Content: The page at 'https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44'
was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://XXX/XX/XX/viewdashboard?uar=44&Id=1'.
This request has been blocked; the content must be served over HTTPS.
> Issue in IE
> SEC7127: Redirect was blocked for CORS request.
> File: account
> SCRIPT7002: XMLHttpRequest: Network Error 0x2ef1, Could not complete the operation due
to error 00002ef1.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message