AJAX Register problem with HTTP/HTTPS
- chroma
-
Topic Author
- Offline
- New Member
-
Less
More
- Thank you received: 0
10 years 9 months ago #7268
by chroma
I've recently noticed a problem with AJAX Register when attempting to enter my e-mail address in the first e-mail address box. After tabbing off this field, I get the warning message "Check error".
I diagnosed this issue fairly quickly, as I have been having a similar problem with other components. The problem only appears when accessing the site via HTTP, and works correctly through HTTPS.
The AJAX request is done via an HTTP OPTION request rather than the correct HTTP GET method. Apparently, the OPTIONS request is sent whenever the data request comes from Javascript code that is not served from the same origin as the JavaScript is served from.
More info:
metajack.im/2010/01/19/crossdomain-ajax-...p-binding-made-easy/
stackoverflow.com/questions/1256593/jque...ead-of-a-get-request
Also, another thread where I discovered a similar problem in another Joomla component:
compojoom.com/forum/ccomment-pro/18648-p...ems-loading-comments
I have my live_site URL pointing to the HTTPS version of the site. This is for a variety of reasons, including components that won't work otherwise. However, I want the site to be accessible through both HTTP and HTTPS.
After some tracing and debugging, I'm pretty sure that JUri::root and JUri::base will always give the Joomla configured URL when calling those functions, rather than the actual accessed URL. For creating URLs for images, download files, and links, this is fine. However, for any Javascript which may access a server side resource, this will cause the problem seen here.
On line 63 of registration.php we have this:
var myFormValidation = new Validate('member-registration', {url: '<?php echo JURI::root().'index.php?option=com_users&task=ajax&tmpl=component'; ?>', params: params, strings: strings});
In order for AJAX Register to work correctly through both HTTP and HTTPS, this line needs to change. We need to use the accessed URL, not JURI::root().
Can this be fixed in the next release?
I diagnosed this issue fairly quickly, as I have been having a similar problem with other components. The problem only appears when accessing the site via HTTP, and works correctly through HTTPS.
The AJAX request is done via an HTTP OPTION request rather than the correct HTTP GET method. Apparently, the OPTIONS request is sent whenever the data request comes from Javascript code that is not served from the same origin as the JavaScript is served from.
More info:
metajack.im/2010/01/19/crossdomain-ajax-...p-binding-made-easy/
stackoverflow.com/questions/1256593/jque...ead-of-a-get-request
Also, another thread where I discovered a similar problem in another Joomla component:
compojoom.com/forum/ccomment-pro/18648-p...ems-loading-comments
I have my live_site URL pointing to the HTTPS version of the site. This is for a variety of reasons, including components that won't work otherwise. However, I want the site to be accessible through both HTTP and HTTPS.
After some tracing and debugging, I'm pretty sure that JUri::root and JUri::base will always give the Joomla configured URL when calling those functions, rather than the actual accessed URL. For creating URLs for images, download files, and links, this is fine. However, for any Javascript which may access a server side resource, this will cause the problem seen here.
On line 63 of registration.php we have this:
var myFormValidation = new Validate('member-registration', {url: '<?php echo JURI::root().'index.php?option=com_users&task=ajax&tmpl=component'; ?>', params: params, strings: strings});
In order for AJAX Register to work correctly through both HTTP and HTTPS, this line needs to change. We need to use the accessed URL, not JURI::root().
Can this be fixed in the next release?
Please Log in or Create an account to join the conversation.
- Saka
-
- Offline
- Administrator
-
10 years 9 months ago #7269
by Saka
Emir Sakic
www.sakic.net
Would JURI::base(true) work?
Emir Sakic
www.sakic.net
Please Log in or Create an account to join the conversation.