Security error

M

mikez006

Active member
We're migrating from VB4 to XF2 and we have created a test environment for XF2 at this URL
https://www.domain.com/123456/

We have HTTPS enabled and are using Enhanced Search. I rebuild the search index and tried testing the search, but got this error.

Security error occurred. Please press back, refresh the page, and try again.
...
Failed to load https://www.domain.com/123456/login/keep-alive: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.domain.com' is therefore not allowed access.
Click to expand...

The origin is http://www.domain.com, non HTTPS. Why is it doing that? Shouldn't the origin be "https://www.domain.com/123456/"

I'm not sure how to fix this, so any insight would be appreciated.

For all the settings in XF2 admin, I have https://www.domain.com/123456/ as the forum URL.
 
Sort by date Sort by votes
It looks like it's a problem with HTTPS.

For some reason if I click the "Home" link or logo, it goes back to the home page, but the URL is HTTP.

I have https enabled in the config and all the URLs in the admin settings area are using https, so why is that redirecting back to http?
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

LuckyRiver
  • Question Question
XF 2.3 Security error occurred when login to admin console
Replies
1
Views
90
Chris D
Chris D
Mr Lucky
  • Question Question
XF 2.2 Security error occurred. Please press back, refresh the page, and try again.
2
Replies
28
Views
2K
Suzanne O
Suzanne O
akok
It is impossible to create passkeys using Windows Security.
Replies
4
Views
73
Old Nick
O
Simon
  • Question Question
mod security blocking Google connected account
Replies
3
Views
82
Marcus
Marcus
Steffen
Fixed InvalidArgumentException on requests to "/login/keep-alive" after applying the 2.2.16 security fix
Replies
12
Views
301
vape.to
vape.to
Back
Top Bottom