douzhai1182 2019-02-02 15:20
浏览 90
已采纳

Firefox:安全页面上的不安全的ajax调用

I am working on a travel website. In the website is a page where I make Ajax calls to another page. The app is created in vuejs framework. When I make a call Firefox says that I am making the AJAX call on an unsecured connection. It then proceeds to redirect the whole page instead of making an AJAX call. None of my POST data is preserved in the redirect. The entire process takes place on website secured end-to-end with SSL.

Even JS is included with an HTTPS URL and there is no concern of cross origin scripting. Firefox also confirms that no elements of the page are unsecured. This issue plagues the bus booking module of the website only and not the other modules such as flight booking or hotel booking which uses the exact same script. I am wondering what could be triggering this issue.

Error Message:

The connection used to access this resource was not secure.

Screenshots:

The entire flow of call

call made to https from an https page

Post data not preserved on redirect

Details of deployment:

  • Backend: Codeigniter 2.1.6 (PHP)
  • Web Server: Apache 2
  • Server: Amazon EC2

Site Conf File for Apache:

<VirtualHost *:80>

ServerName mysite.com

ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/mysite/


ErrorLog ${APACHE_LOG_DIR}/stg_error.log
CustomLog ${APACHE_LOG_DIR}/stg_access.log combined

<Directory “/var/www/html/mysite”>
  AllowOverride All
</Directory>
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =mysite.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI}[END,NE,R=permanent]
</VirtualHost>

<VirtualHost _default_:443>
    ServerName mysite.com
    ServerAdmin webmaster@localhost


    DocumentRoot /var/www/html/mysite/


    <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>
    <Directory “/var/www/html/mysite">
      AllowOverride All
    </Directory>



    BrowserMatch    "MSIE [2-6]"nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

    BrowserMatch "MSIE [17-9]"ssl-unclean-shutdown

    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/mysite.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/mysite.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/mysite.com/chain.pem
</VirtualHost>

.htaccess

            RewriteEngine On
            RewriteBase /
            RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
            RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
  • 写回答

1条回答 默认 最新

  • dongshimao7115 2019-02-20 07:47
    关注

    As it turns out my issue was with my JavaScript. While my app originally was created in Vuejs it was on a page with other scripts. There was an issue with some other script which in turn was breaking functionality of Vuejs. In my case jQuery errors were preventing proper execution of my script. As soon as I resolved the original jQuery error, the redirect stopped and ajax worked normally.

    In conclusion it is a good idea to check if other scripts are halting your execution even if your code might be in another framework.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 请问代码技术们,云梦建站的这个坑你们踩过吗?
  • ¥20 androidstudio工具问题
  • ¥15 想问一些关于计量的问题
  • ¥15 关于c++外部库文件宏的问题,求解
  • ¥15 office打开卡退(新电脑重装office系统后)
  • ¥300 FLUENT 火箭发动机燃烧EDC仿真
  • ¥15 【Hadoop 问题】Hadoop编译所遇问题hadoop-common: make failed with error code 2
  • ¥15 vb6.0+webbrowser无法加载某个网页求解
  • ¥15 RPA财务机器人采购付款流程
  • ¥15 计算机图形多边形及三次样条曲线绘制