Details
-
Bug
-
Resolution: Invalid
-
High
-
4.7.0
-
None
-
None
-
eZ Publish 4.x
Description
Form generation does not take into account the need to convert form action when ssl zone is defined for the module/function
For instance, if one setups a site.ini with the following:
[SSLZoneSettings] SSLZones=enabled ModuleViewAccessMode[] ModuleViewAccessMode[content/tipafriend]=ssl ModuleViewAccessMode[content/action]=ssl ModuleViewAccessMode[user/*]=ssl ModuleViewAccessMode[content/*]=keep ModuleViewAccessMode[layout/*]=keep ModuleViewAccessMode[ezjscore/call]=keep
And attempts to create some content from the front end, an "Object is unavailable" error will show up as soon as one submits the "create here" form.
What actually happens right now is that the form is sent in HTTP and the redirection to HTTPS takes place on the server, but as expected, the posted values are lost in the process
Steps to reproduce:
Configure an environment with the SSLZones (as defined above)
Login in front end, select a class, and click the "create here" button