Online casino free bonus no deposit philippines,Welke dag is het vandaag in belgie.Recharge Every day and Get Bonus up-to 50%!

Resolved dietcheese
(@dietcheese)

7 years, 10 months ago
We are having a problem when trying to access the Frontend Submissions when the Post Your Event button is embedded via the Superwidget.

Our site, https://uvc.org uses SSL.

This is our embed code, generated by Superwidget:
```
<script class="ai1ec-widget-placeholder" data-widget="ai1ec_superwidget">
  (function(){var d=document,s=d.createElement('script'),
  i='ai1ec-script';if(d.getElementById(i))return;s.async=1;
  s.id=i;s.src='//uvc.org/?ai1ec_js_widget';
  d.getElementsByTagName('head')[0].appendChild(s);})();
</script>
```
When we use the embed code on another SSL-encrypted domain, the Frontend submissions work properly:

https://www.dibrokereast.com/test-embed-2.html

However, when we use the same embed code on a non-SSL-encrypted domain, the Frontend submissions do not function:

https://www.upventures.com/startup-events/

What’s interesting is that, when the Superwidget embed code is used on a non-SSL domain, the request URL to the host domain is incorrectly made to the unencrypted domain:

Remote site uses https://
```
Request URL:https://uvc.org/wp-admin/admin-ajax.php?action=ai1ec_front_end_create_event_form
Request Method:GET
Status Code:301 Moved Permanently
Remote Address:104.196.39.114:80
Referrer Policy:no-referrer-when-downgrade
```
However, when the superwidget embed code is used on another SSL domain, the request URL to the host domain is made correctly to the encrypted domain:

Remote site uses https://
```
Request URL:https://uvc.org/wp-admin/admin-ajax.php?action=ai1ec_front_end_create_event_form
Request Method:GET
Status Code:200 
Remote Address:104.196.39.114:443
Referrer Policy:no-referrer-when-downgrade
```
Headers to rule out cross-domain issues have been implemented on the host and are properly being set when the requesting URL is to https.

Why is the embed code incorrectly calling the non-encrypted URL of our site when it is served from a non-SSL domain?

Viewing 2 replies - 1 through 2 (of 2 total)

Sunny Lal
(@sunny454)

7 years, 10 months ago

Closing duplicate ticket. Please refer to internal helpdesk ticket reply.

Thread Starter dietcheese
(@dietcheese)

7 years, 10 months ago

This has not been resolved.

Basically the Time.ly’s response was that, if our site uses https, any other site that wanted to embed our code would also need to utilize https.

If ones superwidget code is embedded by hundreds of other sites, it’s not practical to have them all require an SSL certificate in order to embed our FrontEnd submissions.

Technically, this requirement doesn’t make sense either: it’s not as if we are transmitting sensitive data which should require encryption.

I would like to hear from anyone in the community that may have a resolution to this issue, or from the plugin developers on how we can edit the existing code to make this possible.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Frontend Submissions Broken In SuperWidget when Remote Site is not SSL’ is closed to new replies.