Security error

mikez006

Member
We're migrating from VB4 to XF2 and we have created a test environment for XF2 at this URL
https://www.domain.com/123456/

We have HTTPS enabled and are using Enhanced Search. I rebuild the search index and tried testing the search, but got this error.

Security error occurred. Please press back, refresh the page, and try again.
...
Failed to load https://www.domain.com/123456/login/keep-alive: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.domain.com' is therefore not allowed access.
The origin is http://www.domain.com, non HTTPS. Why is it doing that? Shouldn't the origin be "https://www.domain.com/123456/"

I'm not sure how to fix this, so any insight would be appreciated.

For all the settings in XF2 admin, I have https://www.domain.com/123456/ as the forum URL.
 

mikez006

Member
It looks like it's a problem with HTTPS.

For some reason if I click the "Home" link or logo, it goes back to the home page, but the URL is HTTP.

I have https enabled in the config and all the URLs in the admin settings area are using https, so why is that redirecting back to http?
 
Top