OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums Forums OroCRM OroCRM – HTML, JavaScript, CSS, Design Questions Cross-site Requests to orocrm.com – Are They Necessary?

This topic contains 9 replies, has 6 voices, and was last updated by  Rodolfo 6 years, 3 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Author
  • #25610

    Dima Soroka

    Hi Tim

    We have this JS code in order to enable “Ask a question” form later on. It should not block page load and we’ll verify this issue.



    Alexandr Smaga

    Hello @etoulas!

    We tried to reproduce this issue, but we could not.
    Could you please give us more details ?

    I tried to setup ipfw on my mac that blocks all requests to crm.orocrm.com.
    And it works as it should, page was not blocked and after timeout which equals 2 secs, I’ve seen reported error in JS console.
    The same behavior if embedded script is not accessible due to slow connection.



    This request has been blocked; the content must be served over HTTPS.

    Any update about this?


    Dima Soroka

    Hi @Rodolfo

    It must be over HTTPS, do you have a case when it is not?



    Hi Dima @soroka

    For some reason, it doesn’t translate this: https://github.com/orocrm/platform/blob/master/src/Oro/Bundle/PlatformBundle/Resources/views/have_request.html.twig#L7 to https

    Not sure if I’m missing some config or if it’s indeed an issue.


    Ivan Klymenko

    Thanks Rodolfo! We will check it.



    Thanks Ivan,

    Just a heads up, I found another problem that occurs when we click on “Configure Integration”:

    Channel -> Create Channel -> Select: Magento -> “Configure Integration” (To open to modal window)

    Mixed Content: The page at ‘https://ACME/channel/create’ was loaded over a secure connection, but contains a form which targets an insecure endpoint ‘http://ACME/channel/integration/create/magento/test?_wid=XXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX&_widgetContainer=dialog’. This endpoint should be made available over a secure connection.


    Dmitry Shikalenko

    Hi @Rodolfo

    I tried to reproduce your issue but I couldn’t. I checked older versions till 1.6 as well. Moreover the AJAX request that leads to error is sent with relative path so having different schema there looks quite strange.

    Could you provide more information about your conditions? For instance OS, browser, any extra pluging or software that have chance to impact on this functionality




    Thank you very much for your effort @dshykalenko
    I’m forcing any http to go over https. These are my actual configuration:



Viewing 9 replies - 1 through 9 (of 9 total)

The forum ‘OroCRM – HTML, JavaScript, CSS, Design Questions’ is closed to new topics and replies.

You will be redirected to [title]. Would you like to continue?

Yes No