CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion (Moderator: Donald Lobo) »
  • Force SSL on AJAX requests?
Pages: [1]

Author Topic: Force SSL on AJAX requests?  (Read 2125 times)

Wes Reimer

  • I post occasionally
  • **
  • Posts: 49
  • Karma: 1
  • CiviCRM version: 4.4.6
  • CMS version: WordPress 3.9.x
  • MySQL version: 5.5.36-cll
  • PHP version: 5.3.27
Force SSL on AJAX requests?
June 23, 2014, 11:26:46 am
I tried this fix to get the Country/State dropdowns working in WordPress: https://issues.civicrm.org/jira/browse/CRM-14631

However, it only works over http. I tried to "Force Secure URLs" but that is also buggy (see https://issues.civicrm.org/jira/browse/CRM-13227 and it's not just Drupal, see https://issues.civicrm.org/jira/browse/CRM-14744 ).

So my question is: if "Force Secure URLs" was working, would it force SSL on this (and any other) AJAX calls? If not, is there some other way to make the AJAX calls use https?

Sorry if this is the wrong forum.

Wes Reimer

  • I post occasionally
  • **
  • Posts: 49
  • Karma: 1
  • CiviCRM version: 4.4.6
  • CMS version: WordPress 3.9.x
  • MySQL version: 5.5.36-cll
  • PHP version: 5.3.27
Re: Force SSL on AJAX requests?
June 24, 2014, 07:53:08 am
I've confirmed this is a problem in other areas that use AJAX, e.g., editing a multiple-entry record on a profile: the Save button doesn't work and I see this error in Chrome's console:

XMLHttpRequest cannot load http://website.com/crm?page=CiviCRM&q=civicrm/profile/edit. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://website.com' is therefore not allowed access.

Wes Reimer

  • I post occasionally
  • **
  • Posts: 49
  • Karma: 1
  • CiviCRM version: 4.4.6
  • CMS version: WordPress 3.9.x
  • MySQL version: 5.5.36-cll
  • PHP version: 5.3.27
Re: Force SSL on AJAX requests?
June 25, 2014, 11:38:06 am
UPDATE

A solution to the SSL issues on WordPress specifically is to force SSL everywhere. I did this via .htacess. Thanks to Dana from Tadpole for that. She said:

"Because of the way that WP handles SSL and site cookies, CiviCRM cannot reliably use SSL only on certain pages. We have found that the only way to reliable use SSL with WP (even with out CiviCRM) is to use SSL for everything."

However, now I have a different problem on the multi-record popup. When you click Save in the popup, 404 is returned for the request, which is https://website.com/crm?page=CiviCRM&q=civicrm/profile/edit. I will start a new forum topic on this.
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion (Moderator: Donald Lobo) »
  • Force SSL on AJAX requests?

This forum was archived on 2017-11-26.