[
https://issues.apache.org/jira/browse/WW-4774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15942808#comment-15942808
]
Charu Ramchandani commented on WW-4774:
---------------------------------------
Hi,
I am part of Upendar's team, working on this issue.
Just have this doubt, if Spring Security could be playing around here. As with
Struts 2.3.1 version, we were using Spring 3.0.5.RELEASE version.
> Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues HTTPS to HTTP
> ------------------------------------------------------------------
>
> Key: WW-4774
> URL: https://issues.apache.org/jira/browse/WW-4774
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.5.10
> Reporter: upendar
> Priority: Critical
> Fix For: 2.5.next
>
>
> We are upgrading Struts2 from 2.3.1 to 2.5.10.1 ; redirect making https://
> to http:// . The following errors in chrome and IE are seen while redirecting
> from the popup to main window
> redirecting popup (create user) --- main window (viewdashboard) - the URL
> shows https:// to http://
> We are blocked completely due to this issue and need support ASAP. We also
> reviewed the apache server configurations and looks good. Please share the
> fix in detail.
> Error Issue in chrome :
> Mixed Content: The page at
> 'https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44' was loaded over HTTPS,
> but requested an insecure XMLHttpRequest endpoint
> 'http://XXX/XX/XX/viewdashboard?uar=44&Id=1'. This request has been blocked;
> the content must be served over HTTPS.
> Issue in IE
> SEC7127: Redirect was blocked for CORS request.
> File: account
> SCRIPT7002: XMLHttpRequest: Network Error 0x2ef1, Could not complete the
> operation due to error 00002ef1.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
