Post by ibn » Sat Nov 19, 2016 6:43 am

Hello everybody,

since I'm using SSL on my shop, I get on each visit a error in the Browser Console. Sometimes my shops redirect me to http:// is that normal? I thought after activating ssl everything will work over https

Code: Select all

Access to Font at 'https://www.mysite.de/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0' from origin 'https://www.mysite.de' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://mysite.de' is therefore not allowed access.
Found on Stackoverflow some possible solutions, but they are not working. I hope I will get help here :)

My opencart version is: 2.3.0.2

Best Regards

ibn
Newbie

Posts

Joined
Sun Dec 28, 2014 10:30 am

User avatar
Active Member

Posts

Joined
Fri Mar 27, 2015 11:13 pm
Location - Denver, Colorado, USA

Post by ibn » Fri Nov 25, 2016 3:07 pm

EvolveWebHosting wrote:Check your site at whynopadlock.com and post your domain here so others can help you out.
Thanks for your request. In the whynopadlock.com everything looks fine. My domain is www.shisha-united.de

ibn
Newbie

Posts

Joined
Sun Dec 28, 2014 10:30 am

Post by EvolveWebHosting » Fri Nov 25, 2016 11:33 pm

ibn wrote:
EvolveWebHosting wrote:Check your site at whynopadlock.com and post your domain here so others can help you out.
Thanks for your request. In the whynopadlock.com everything looks fine. My domain is http://www.shisha-united.de
Hi,

Do you have a redirect setup in your .htaccess file to direct all http requests to https?

Image
https://www.evolvewebhost.com
Free 30 day Shared Web Hosting Trial
$10.49 .com Registration and $9.99 .com Transfers in now - Experience a higher level of support and reliability
Image


User avatar
Active Member

Posts

Joined
Fri Mar 27, 2015 11:13 pm
Location - Denver, Colorado, USA

Post by ibn » Sat Dec 03, 2016 11:33 pm

EvolveWebHosting wrote:
ibn wrote:
EvolveWebHosting wrote:Check your site at whynopadlock.com and post your domain here so others can help you out.
Thanks for your request. In the whynopadlock.com everything looks fine. My domain is http://www.shisha-united.de
Hi,

Do you have a redirect setup in your .htaccess file to direct all http requests to https?
No, I have only the default .htaccess file

ibn
Newbie

Posts

Joined
Sun Dec 28, 2014 10:30 am

Post by Nyrk0 » Fri Mar 31, 2017 11:26 am

Had the same http 200 error with that font file.

Solution:
http://stackoverflow.com/questions/1397 ... -https-www
To first force HTTPS, you must check the correct environment variable %{HTTPS} off, but your rule above then prepends the www. Since you have a second rule to enforce www., don't use it in the first rule.

RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Worked for me.

Newbie

Posts

Joined
Tue Sep 18, 2012 4:46 am

Post by MrPhil » Sun Sep 09, 2018 10:58 pm

This is not a good solution. If the incoming URL is without www and with http, you will get two redirect round trips. This is slow, and a big search engine penalty. You want to catch both cases in one redirect (R=301):

Code: Select all

RewriteEngine On
RewriteCond  %{HTTPS}  !on  [OR]
RewriteCond  %{HTTP_HOST}  !^www\.  [NC]
RewriteRule  ^(.*)$  https://www.mydomain.com/$1  [R=301,L]
is one way to do it. Note that it is not using %{HTTP_HOST} in the rewrite, because that value is whatever the user typed in, and could be either www.mydomain.com or mydomain.com, so you need to hard code the domain name. If subdomains or add-on (alternate) domains are in use, it gets still more complicated. Just be aware.

User avatar
Active Member

Posts

Joined
Wed May 10, 2017 11:52 pm
Who is online

Users browsing this forum: No registered users and 4 guests