Announcement

Collapse
No announcement yet.

Problem with forum URL after installing SSL certificate

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wayne Luke
    replied
    The login iframe should always use the same URL as you have for the Front-End URL in the AdminCP. The only reason it has its own setting is because of something we attempted in 5.0.0 and have since disregarded and people should use SSL for the entire site these days. The option has stayed because it doesn't usually pose a problem.

    Leave a comment:


  • ArekInc
    replied
    Thanks Mark and Wayne! I will contact our host provider regarding CORS.

    In ​​​the end I did resolve the issue partially (all web browsers are showing the login frame correctly, but console shows it with errors, still) by hashing this line in .htaccess file:

    # Don't allow other sites to frame in your content. If you do need to frame the
    # forums in on another host you will need to remove or change this line.
    # Header always append X-Frame-Options sameorigin
    I have tried to add those lines but then login frame didn't work at all or behaved like beofre.

    Header set Access-Control-Allow-Origin "*"
    Header add Access-Control-Allow-Origin https://www.gooner.pl/forum
    Header add Access-Control-Allow-Origin https://www.gooner.pl
    I am aware that hashing X-Frame-Options is a potential security risk and will try to fix it after contacting hosting support.

    Thank you for support.

    Leave a comment:


  • Wayne Luke
    replied
    Redirect https://gooner.pl to https://www.gooner.pl/. You shouldn't try to access your site via multiple URLs in this day and age. You'll trigger server and browser security protocols like CORS.

    Your hosting provider can help you with redirects. They can also help you update the CORS policy for your site. There is no way to control either in vBulletin.

    Leave a comment:


  • Mark.B
    replied
    CORS is a third party browser add on. I have no idea why it is blocking anything, it isn’t something we can provide support for.

    Leave a comment:


  • ArekInc
    replied
    Looks like CORS is blocking access? Can someone help?

    jquery.js:8561 [Deprecation] Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
    send @ jquery.js:8561
    jquery.js:8630 Access to XMLHttpRequest at 'https://www.gooner.pl/forum/ajax/api/options/fetchValues' from origin 'https://gooner.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    send @ jquery.js:8630
    footer-rollup-553.js:382 Error when fetching options: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'https://www.gooner.pl/forum/ajax/api/options/fetchValues'.
    error @ footer-rollup-553.js:382
    jquery.js:8630 Access to XMLHttpRequest at 'https://www.gooner.pl/forum/ajax/api/options/fetchValues' from origin 'https://gooner.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    send @ jquery.js:8630
    footer-rollup-553.js:382 Error when fetching options: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'https://www.gooner.pl/forum/ajax/api/options/fetchValues'.
    error @ footer-rollup-553.js:382
    footer-rollup-553.js:2544 PM Dropdown not detected, skipping init.
    footer-rollup-553.js:2544 PM Chat window not detected, skipping init.
    (index):1 Refused to display 'https://www.gooner.pl/forum/auth/login-form' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
    footer-rollup-553.js:382 vBulletin.loadingIndicator.show Counter: 1 Source: ajaxStart
    jquery.js:8630 Access to XMLHttpRequest at 'https://www.gooner.pl/forum/ajax/api/options/fetchValues' from origin 'https://gooner.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    send @ jquery.js:8630
    footer-rollup-553.js:382 Error when fetching options: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'https://www.gooner.pl/forum/ajax/api/options/fetchValues'.
    error @ footer-rollup-553.js:382
    footer-rollup-553.js:382 vBulletin.loadingIndicator.hide Counter: 0 Source: ajaxStop
    footer-rollup-553.js:382 Securitytoken updated
    footer-rollup-553.js:382 vBulletin.loadingIndicator.show Counter: 1 Source: ajaxStart
    jquery.js:8630 Access to XMLHttpRequest at 'https://www.gooner.pl/forum/ajax/api/options/fetchValues' from origin 'https://gooner.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    send @ jquery.js:8630
    footer-rollup-553.js:382 Error when fetching options: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'https://www.gooner.pl/forum/ajax/api/options/fetchValues'.
    error @ footer-rollup-553.js:382
    footer-rollup-553.js:382 vBulletin.loadingIndicator.hide Counter: 0 Source: ajaxStop
    syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A156 4395362675%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22 page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D:1 Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
    (index):1 Refused to display 'https://www.gooner.pl/forum/auth/login-form' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

    Leave a comment:


  • ArekInc
    replied
    It behaves the same at different browsers which I cleared from cache files, uninstalled and installed again.
    When I go with gooner.pl only, it works like a charm. The login tab can be loaded.
    But when I type gooner.pl/forum it shows as follows on Opera and Firefox:

    Click image for larger version

Name:	Adnotacja 2019-07-23 204119.jpg
Views:	138
Size:	52.5 KB
ID:	4418927

    Click image for larger version

Name:	Adnotacja 2019-07-23 204003.jpg
Views:	96
Size:	76.5 KB
ID:	4418928

    Leave a comment:


  • Wayne Luke
    replied
    Click image for larger version

Name:	2019-07-23_11-10-08.png
Views:	115
Size:	49.9 KB
ID:	4418921


    The login form is loading for me when I visit your forum. Please clear your browser cache.

    Leave a comment:


  • In Omnibus
    replied
    It sounds like your root URL is not whitelisted in the SSL certificate.

    Leave a comment:


  • ArekInc
    started a topic Problem with forum URL after installing SSL certificate

    Problem with forum URL after installing SSL certificate

    Hi all,

    So we run this https://www.gooner.pl/forum/ website and today we've installed a SSL certificate for the first time. The issue started after setting up the certificate.
    So when even I, a logged in user to the forum (but not only, appears for all website viewers) opens it again with full address as above, it opens like for an unregistered/not logged in user and the login tab shows an error "Server www.gooner.pl has rejected the connection" (sorry, the site is in Polish):

    Click image for larger version

Name:	refused_connection.png
Views:	183
Size:	8.3 KB
ID:	4418915

    Anyway, after clicking whatever option on the forum, it brings it all back to a normal view of me, for example, as a logged in user an everything is working just fine. Can anyone advice what might be the issue here?

    Thanks a lot.

Related Topics

Collapse

Working...
X