search

WPCloudDeploy / wp-cloud-deploy

WPCloudDeploy is a WordPress plugin that allows you to easily deploy and manage your own dedicated high-performance WordPress servers and sites at any cloud server provider.
https://wpclouddeploy.com
Other
87 stars 41 forks source link

V5 OLS | Browser Console Error - Failed to set referrer policy #77

Closed unakriti closed 1 year ago

unakriti commented 1 year ago

Edit: Version used Beta 08

Hi,

I am using the default Security Tweaks for a website on a new OLS server. Screenshot below:

WPCD V5 OLS Default Security Tweaks Referrer Policy Screenshot from 2022-11-06 18-20-33

When I view either the frontend or the backend of the newly deployed site, there's this browser console error. Screenshot below:

Failed to set referrer policy: The value 'strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin;' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.

WPCD OLS Site Console Error Screenshot from 2022-11-06 18-25-39

Is this expected behaviour?

Thanks,

elindydotcom commented 1 year ago

That shouldn't be the case. But I can see it on my tests too. But only after I press CTRL-F5 on a page which is why it wasn't seen before.

The weird thing is that sites served with the nginx server sends the same values for that header. You can compare the two sets of headers using the network tab from the browser. They're exact.

But only sites served up by OLS causes the browser to throw that error. And only chromium browsers do it. Firefox doesn't show it at all.

So weird.

unakriti commented 1 year ago

You are right, I do not see the issue on NGINX sites. I am testing on Brave browser which I guess is Chromium-based.

Not sure whether its a valid solution in this scenario but according to a StackExchange thread, it could be a problem with htaccess config. Details here - https://stackoverflow.com/questions/39943549/error-int-the-failed-to-set-referrer-policy

Kind regards,

elindydotcom commented 1 year ago

The header is set in the vhost file actually, not in .htaccess.

Regardless, it's weird behavior for sure.

elindydotcom commented 1 year ago

I think we figured this out. Grab the latest files from the dev branch. We'll push out a new beta with this fix this weekend.

unakriti commented 1 year ago

Thank you.

I just tried V5.1 (downloaded from my WPCD account) and I can see the issue persists. Could I be missing something here?

Kind regards,

elindydotcom commented 1 year ago

Check the set-referrer policy in your existing sites - it probably has a semicolon on the end. Just remove it and restart the lsws server. That should resolve the issue on existing sites. You should not see the issue on new sites.

unakriti commented 1 year ago

Thank you. Yes, I moved an old site to a new server and the error persisted. However, when I create a new site things look better - no console errors. Appreciate your help.