[jira] [Commented] (WW-4774) Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues HTTPS to HTTP

Sat, 25 Mar 2017 20:48:06 -0700 

    [ 
https://issues.apache.org/jira/browse/WW-4774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15942117#comment-15942117
 ] 

upendar commented on WW-4774:
-----------------------------

The configuration is
ELB ---->Apache -- ELB -- UI Server (Jetty 8.1.4)
(https) -->http ---http>http  --- and the SSL is terminated at ELB.   The URL 
in the browser shows HTTPS always when the application is opened in the 
browser.  I believe  acccountxxx.create action is HTTPS since  on mainwindow  
we have search page that is working fine and shows HTTPS  in chrome developer 
tools. you can help me how to check to confirm - what code to add to check  ?
 Also what class /library code to will change HTTPS to HTTP  for redirect url ? 
I see many users raised questions on struts 2 HTTPS-HTTP but I didnt find any 
concrete answer for this. could you check and let us know are there any 
specific migrations steps to be followed for upgrade 2.3.1 to 2.5.10.1  since 
the same configurations in struts and apache server working fine with 2.3.1  
and why not for latest version?are there any specific code involved for this 
change HTTPS to HTTP?

is 2.5.10.1 version is stable ?



> Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues  HTTPS to HTTP
> ------------------------------------------------------------------
>
>                 Key: WW-4774
>                 URL: https://issues.apache.org/jira/browse/WW-4774
>             Project: Struts 2
>          Issue Type: Bug
>            Reporter: upendar
>            Priority: Critical
>
> We are upgrading Struts2 from 2.3.1 to 2.5.10.1 ; redirect  making https:// 
> to http:// . The following errors in chrome and IE are seen while redirecting 
>  from the popup to main window
> redirecting  popup (create user) --- main window (viewdashboard)  - the URL 
> shows https:// to http://
> We are blocked completely due to this issue and need support ASAP. We also 
> reviewed the apache server configurations and looks good. Please share the 
> fix in detail.
> Error Issue in chrome :
> Mixed Content: The page at 
> 'https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44' was loaded over HTTPS, 
> but requested an insecure XMLHttpRequest endpoint 
> 'http://XXX/XX/XX/viewdashboard?uar=44&Id=1'. This request has been blocked; 
> the content must be served over HTTPS.
> Issue in IE
> SEC7127: Redirect was blocked for CORS request.
> File: account
> SCRIPT7002: XMLHttpRequest: Network Error 0x2ef1, Could not complete the 
> operation due to error 00002ef1.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to