search

birgitzprinz / epi-content-type-usage

Content type usage plugin for EPiServer CMS 9+
7 stars 3 forks source link

Blocked Mixed Content Error when trying to use this module. #2

Open GeekInTheNorth opened 2 years ago

GeekInTheNorth commented 2 years ago

When a user attempts to used the Content Type Usage module in the admin section of the CMS, the module fails to load.

The initial request fired by the browser is to: https://www.our-client-domain.com/custom-plugins/content-type-usage

The response received is a redirect response to (a downgrade of HTTPS to HTTP) http://www.our-client-domain.com/custom-plugins/content-type-usage

If I directly request the URL as HTTPS rather than using the link in the admin menu, then the page does show and I can see the list of available content types to search for usages.

Then when I click the "Filter" button, the request is sent to: https://www.our-client-domain.com/custom-plugins/content-type-usage/GetInstances?contentTypeId=1133&page=1&pageSize=10

but another redirect response is received for (a downgrade of HTTPS to HTTP): http://www.our-client-domain.com/custom-plugins/content-type-usage/GetInstances?contentTypeId=1133&page=1&pageSize=10

The browser then blocks this with "mixed-content" due to the downgrade of HTTPS to HTTP.

EPiServer.CMS: 11.20.4 Eshn.ContentTypeUsage: 11.0.0 Hosting: Self Hosted on IIS

birgitzprinz commented 2 years ago

@GeekInTheNorth : I think you may have redirect rules setup in your site to redirect from HTTPS to HTTP. Are you using URL Rewrite in your site? If so could you please post the rewrite rule section?

GeekInTheNorth commented 2 years ago

@birgitzprinz Thank you for getting back in touch. We do have redirect rules in place, however they take a user from HTTP to HTTPS and not the other way around.

<rewrite >
    <rules>
        <rule name="WWWrewriteGD" stopProcessing="true" xdt:Transform="Insert">
            <match url="(.*)" />
            <conditions>
                <add input="{HTTP_HOST}" pattern="^www\.example\.co\.uk$" negate="true" />
            </conditions>
            <action type="Redirect" url="https://www.example.co.uk/{R:1}" />
        </rule>
    </rules>
</rewrite>
birgitzprinz commented 2 years ago

@GeekInTheNorth : we have run this add-on on many sites with HTTPS and haven't been able to reproduce this issue. Would you mind sharing your source code so that I can take a look?