All geek questions in one place

JQuery.ajax does not use https

So, I am calling a web service from jQuery using the .ajax method. The page calling the method is an HTTPS / SSL page, but when the call is made, jQuery continues to make an HTTP request and it fails because the server is configured to redirect all HTTP traffic to HTTPS ... so 301 error is returned.

I checked my code a million times and tried a million ways to generate the url parameter for an ajax request. (using // for relative and now just adding the https protocol to the beginning of the url. Here is my javascript:

function add_inbound_record(serial_number, pass_fail_value) { pfv = pass_fail_value.toUpperCase(); url = location.protocol + "//" + location.hostname + "/inbound/record- inspection/" + serial_number + "/" + pfv; $.ajax({ url:url, cache:false, }); }

So, when this code is executed, I check the url parameter in firebug and it displays correctly with https and a well-formed URL. However, when I execute the ajax function, I see this in firebug:

 301 MOVED PERMANENTLY 192.168.1.9 20 B 192.168.1.9:443 Response Headersview source Connection keep-alive Content-Encoding gzip Content-Length 20 Content-Type text/html; charset=utf-8 Date Wed, 24 Oct 2012 17:33:34 GMT Location http://192.168.1.9/inbound/record-inspection/011234567890123421000000002995/P/?_=1351100020609 Server nginx/1.1.19 Vary Accept-Encoding Request Headersview source Accept */* Accept-Encoding gzip, deflate Accept-Language en-us,en;q=0.5 Connection keep-alive Cookie djdt=hide; csrftoken=sF9RUxrlS6IKURxOryH2d2yT05gMighn; sessionid=9682390da4011e445931643c81be9aae Host 192.168.1.9 Referer https://192.168.1.9/fingerprint/inspect/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:15.0) Gecko/20100101 Firefox/15.0.1 X-Requested-With XMLHttpRequest

As you can see above from the referrer, the HTTPS protocol, but the location in the response header is HTTP? I can’t understand for the whole life why the request passes through the wire as HTTP, and not HTTPS. Answer 301 is accurate because it goes like HTTP, because, again, the web server is configured for HTTPS access only. Any ideas?

+4
source share
2 answers

Ok I messed it up for more than 4 hours, and as soon as I added a slash to the end of the URL, the problem disappeared and everything worked fine. I have no idea why. The web server / web service does not require the slash to function correctly, but for some reason this β€œfixed” it. Thanks for the helpful comments guys.

+15
source

I was also very upset about the same issue. I sent an ajax request from the ssl page as follows:

 $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://"; 
 <script type="text/javascript"> $.ajax({ url: "<?php echo $protocol.$_SERVER['HTTP_HOST'].$this->url(array("action"=>"autocomplete", "controller"=>"ajax", "module"=>"default"));?>", data: { term: $("#keyword").val()}, dataType: "json", type: "POST", success: function(data){ response(data); } }); </script>

The problem was that the request header indicates that the reference page is an ssl page, but the response header shows the location of the http page, as in the Rob code graphic above.

I found out that every time you make an ajax request from a response to an ssl page, you get to the same page, that is, an ssl page, and when you make an ajax request from a page other than ssl, the answer will be the same, as a non-ssl page. This is the default rule for ajax request and response.

I think that there should definitely be a problem on the part of my code that forces me to respond to HTTP from the moment of sending from https. Precisely, my suspicion was correct. Actually there was a default code that forces redirecting the response to the http page instead of https. I am using the previous code:

  class Custom_Customplugins extends Zend_Controller_Plugin_Abstract { public function preDispatch(Zend_Controller_Request_Abstract $request) { $action = $request->getActionName(); $controller = $request->getControllerName(); $module = $request->getModuleName(); $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://"; $host = $_SERVER['HTTP_HOST']; if($host != "www.xyz.com") { if($protocol == "http://") { } } else { $r = new Zend_Controller_Action_Helper_Redirector(); $u = new Zend_Controller_Action_Helper_Url(); if( ($action == "index" && $controller == "index" && $module == "default") || ($action == "login" && $controller == "index" && $module == "default") || ($action == "businessownerregistration" && $controller == "index" && $module == "default") || ($action == "customerregistration" && $controller == "index" && $module == "default") || ($action == "index" && $controller == "changepwd" && $module == "admin") || ($action == "index" && $controller == "businessowner" && $module == "businessowner") || ($action == "changepwd" && $controller == "serviceprovider" && $module == "businessowner") || ($action == "index" && $controller == "customer" && $module == "default") ) { if($protocol == "http://") { $r->gotoUrl('https://'.$host.$u->url(array("action"=>$action, "controller"=>$controller, "module"=>$module)))->redirectAndExit(); } } else { if($protocol == "https://") { $r->gotoUrl('http://'.$host.$u->url(array("action"=>$action, "controller"=>$controller, "module"=>$module)))->redirectAndExit(); } } } } }

After correction, the code:

 <?php class Custom_Customplugins extends Zend_Controller_Plugin_Abstract { public function preDispatch(Zend_Controller_Request_Abstract $request) { $action = $request->getActionName(); $controller = $request->getControllerName(); $module = $request->getModuleName(); $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://"; $host = $_SERVER['HTTP_HOST']; if($host != "www.xyz.com") { if($protocol == "http://") { } } else { $r = new Zend_Controller_Action_Helper_Redirector(); $u = new Zend_Controller_Action_Helper_Url(); if( ($action == "index" && $controller == "index" && $module == "default") || ($action == "login" && $controller == "index" && $module == "default") || ($action == "businessownerregistration" && $controller == "index" && $module == "default") || ($action == "customerregistration" && $controller == "index" && $module == "default") || ($action == "index" && $controller == "changepwd" && $module == "admin") || ($action == "index" && $controller == "businessowner" && $module == "businessowner") || ($action == "changepwd" && $controller == "serviceprovider" && $module == "businessowner") || ($action == "index" && $controller == "customer" && $module == "default") ) { if($protocol == "http://") { $r->gotoUrl('https://'.$host.$u->url(array("action"=>$action, "controller"=>$controller, "module"=>$module)))->redirectAndExit(); } } else if( ($action == "autocomplete" && $controller == "ajax" && $module == "default") || ($action == "refreshcaptcha" && $controller == "index" && $module == "default") ) { } else { if($protocol == "https://") { $r->gotoUrl('http://'.$host.$u->url(array("action"=>$action, "controller"=>$controller, "module"=>$module)))->redirectAndExit(); } } } } } ?>

and now my https page is working fine

+1
source

Source: https://habr.com/ru/post/1441873/

More articles:


All Articles