[jira] [Commented] (WW-4774) Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues HTTPS to HTTP

Sun, 26 Mar 2017 14:52:10 -0700 

    [ 
https://issues.apache.org/jira/browse/WW-4774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15942460#comment-15942460
 ] 

upendar commented on WW-4774:
-----------------------------

we use below jars; there are few more jars being used in the application , I 
dint list all what we use in the application.

if you could let us know what changed to be done at struts that would be really 
good. As you said you were able to replicate the issue  right ?there is no 
change in servelet api and sendRedirect() is being called  in struts 
org.apache.struts2.dispatcher.ServletRedirectResult class  and finallocation is 
relativepath, as you stated, eventually the servletresponse will construct the 
entire url .

jetty-servlet-8.1.4.v20120524.jar
javax.servlet-3.0.0.v201112011016.jar
javax.servlet.jsp.jstl-1.2.0.v201105211821.jar
javax.servlet.jsp-2.2.0.v201112011158.jar
tiles-servlet-3.0.7.jar
tiles-request-servlet-1.0.6.jar


> Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues  HTTPS to HTTP
> ------------------------------------------------------------------
>
>                 Key: WW-4774
>                 URL: https://issues.apache.org/jira/browse/WW-4774
>             Project: Struts 2
>          Issue Type: Bug
>    Affects Versions: 2.5.10
>            Reporter: upendar
>            Priority: Critical
>             Fix For: 2.5.next
>
>
> We are upgrading Struts2 from 2.3.1 to 2.5.10.1 ; redirect  making https:// 
> to http:// . The following errors in chrome and IE are seen while redirecting 
>  from the popup to main window
> redirecting  popup (create user) --- main window (viewdashboard)  - the URL 
> shows https:// to http://
> We are blocked completely due to this issue and need support ASAP. We also 
> reviewed the apache server configurations and looks good. Please share the 
> fix in detail.
> Error Issue in chrome :
> Mixed Content: The page at 
> 'https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44' was loaded over HTTPS, 
> but requested an insecure XMLHttpRequest endpoint 
> 'http://XXX/XX/XX/viewdashboard?uar=44&Id=1'. This request has been blocked; 
> the content must be served over HTTPS.
> Issue in IE
> SEC7127: Redirect was blocked for CORS request.
> File: account
> SCRIPT7002: XMLHttpRequest: Network Error 0x2ef1, Could not complete the 
> operation due to error 00002ef1.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to