nopSolutions / nopCommerce

ASP.NET Core eCommerce software. nopCommerce is a free and open-source shopping cart.
https://www.nopcommerce.com

with reverseproxy ssl in synology in the checkout going to second step payment method redirects to http #5677

Closed last-Programmer closed 3 years ago

last-Programmer commented 3 years ago

nopCommerce version: 4.4.0

Steps to reproduce the problem:

1) Go to https://store.makeprog.com

2) Add a product to the shopping cart

3) Checkout

4) Checkout as a guest

5) Enter a billing address and click continue

6) You can see that the request is made to http://store.makeprog.com/checkout/OpcSaveBilling/ instead of https://store.makeprog.com/checkout/OpcSaveBilling/. Because of this mixed content, the page is redirected to http://store.makeprog.com/cart/

The storelocation seems not to be respecting https. This is what is rendered:

```html
<script>
    PaymentInfo.init("#co-payment-info-form", "http://store.makeprog.com/checkout/OpcSavePaymentInfo/")
</script>
<script>
    ConfirmOrder.init("http://store.makeprog.com/checkout/OpcConfirmOrder/", "/checkout/completed")
</script>
```

How do I fix this?

This is a serious problem, because the user needs to enter the payment details on a non-secure page.

Thanks in advance

last-Programmer commented 3 years ago

I just made this change and got it working

```csharp
public virtual bool IsCurrentConnectionSecured()
{
    return true;
}
```

In webhelper.cs

When I enable the HttpXForwardedProtoHeader, it falls back to http. I am unable to debug since I was using it in a Docker container. I don't know what is going wrong with the original code.

nextfool commented 3 years ago

The key problem is that Nop does not pass the HTTPS headers from your reverse proxy to the ASP.NET Core runtime. You need to add the following to the implementation of "ConfigureRequestPipeline" in NopEngine.cs:

```csharp
// Requires: using Microsoft.AspNetCore.HttpOverrides;
application.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.All,
});
```

Since you are already behind a proxy (nginx most likely?), you may not need Nop to do the https redirect for you. So you can just safely remove the HttpsRequirement attribute from the BaseController to avoid some infinite redirect loop.
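The forwarded-headers setup discussed above, scoped to one trusted proxy and to the two headers the app needs, as an added example that is not from this thread or from nopCommerce's own code. It assumes the .NET 6+ minimal hosting model; the `TRUSTED_PROXY` setting, the `172.17.0.1` address and the `/whoami` route are hypothetical.

```csharp
using System.Net;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);

// Hypothetical setting: the address the reverse proxy connects from.
// 172.17.0.1 is a constructed sample value, not taken from the thread.
var proxyIp = IPAddress.Parse(builder.Configuration["TRUSTED_PROXY"] ?? "172.17.0.1");

builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
    // Accept only what the app needs. ForwardedHeaders.All also accepts
    // X-Forwarded-Host, which lets the sender choose the host name the app sees.
    options.ForwardedHeaders =
        ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;

    // By default the middleware trusts only loopback addresses, so headers sent
    // by a proxy in another container or host are ignored until it is listed.
    options.KnownProxies.Add(proxyIp);

    // Process a single hop: the entry added by the trusted proxy itself.
    options.ForwardLimit = 1;
});

var app = builder.Build();

// Must run before any middleware that reads Request.Scheme or builds absolute URLs.
app.UseForwardedHeaders();

// Hypothetical diagnostic route: shows what the app sees after the middleware ran.
// Remove it once the proxy configuration is verified.
app.MapGet("/whoami", (HttpContext ctx) => Results.Json(new
{
    scheme = ctx.Request.Scheme,
    isHttps = ctx.Request.IsHttps,
    remoteIp = ctx.Connection.RemoteIpAddress?.ToString(),
}));

app.Run();
```

Requested through the listed proxy, `/whoami` should report `https`. Requested directly from an address that is not trusted, with an `X-Forwarded-Proto: https` header set by hand, it should still report `http`.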

last-Programmer commented 3 years ago

But when I look at the headers under System, the X-Forwarded-Proto header is there with the value https. So the nopCommerce request has the required header, but somehow webhelper is not able to see the header.

exileDev commented 3 years ago

Moved to #5584