OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums Forums OroCRM OroCRM – HTML, JavaScript, CSS, Design Questions Cross-site Requests to orocrm.com – Are They Necessary?

This topic contains 9 replies, has 6 voices, and was last updated by  Rodolfo 8 years, 1 month ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Author
    Replies
  • #25610

    Dima Soroka
    Keymaster

    Hi Tim

    We have this JS code in order to enable “Ask a question” form later on. It should not block page load and we’ll verify this issue.

    Thanks
    Dima

    #25611

    Alexandr Smaga
    Participant

    Hello @etoulas!

    We tried to reproduce this issue, but we could not.
    Could you please give us more details ?

    I tried to setup ipfw on my mac that blocks all requests to crm.orocrm.com.
    And it works as it should, page was not blocked and after timeout which equals 2 secs, I’ve seen reported error in JS console.
    The same behavior if embedded script is not accessible due to slow connection.

    #25612

    Rodolfo
    Participant

    ‘http://crm.orocrm.com/bundles/orocrmrequest/js/embed.form.js’.
    This request has been blocked; the content must be served over HTTPS.

    Any update about this?

    #25613

    Dima Soroka
    Keymaster

    Hi @Rodolfo

    It must be over HTTPS, do you have a case when it is not?

    #25614

    Rodolfo
    Participant

    Hi Dima @soroka

    For some reason, it doesn’t translate this: https://github.com/orocrm/platform/blob/master/src/Oro/Bundle/PlatformBundle/Resources/views/have_request.html.twig#L7 to https

    Not sure if I’m missing some config or if it’s indeed an issue.

    #25615

    Ivan Klymenko
    Spectator

    Thanks Rodolfo! We will check it.

    #25616

    Rodolfo
    Participant

    Thanks Ivan,

    Just a heads up, I found another problem that occurs when we click on “Configure Integration”:

    Channel -> Create Channel -> Select: Magento -> “Configure Integration” (To open to modal window)

    Mixed Content: The page at ‘https://ACME/channel/create’ was loaded over a secure connection, but contains a form which targets an insecure endpoint ‘http://ACME/channel/integration/create/magento/test?_wid=XXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX&_widgetContainer=dialog’. This endpoint should be made available over a secure connection.

    #25617

    Dmitry Shikalenko
    Participant

    Hi @Rodolfo

    I tried to reproduce your issue but I couldn’t. I checked older versions till 1.6 as well. Moreover the AJAX request that leads to error is sent with relative path so having different schema there looks quite strange.

    Could you provide more information about your conditions? For instance OS, browser, any extra pluging or software that have chance to impact on this functionality

    Thanks

    #25618

    Rodolfo
    Participant

    Thank you very much for your effort @dshykalenko
    I’m forcing any http to go over https. These are my actual configuration:

    nginx

    app/config/routing.yml

Viewing 9 replies - 1 through 9 (of 9 total)

The forum ‘OroCRM – HTML, JavaScript, CSS, Design Questions’ is closed to new topics and replies.

Back to top