[MGNLLIC-86] License key form generates non-https action URL Created: 21/Sep/21  Updated: 04/May/23  Resolved: 04/May/23

Status: Closed
Project: Magnolia License
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Neutral
Reporter: Marty Glaubitz Assignee: Evzen Fochr
Resolution: Duplicate Votes: 0
Labels: ready
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Ubuntu


Issue Links:
duplicate
duplicates MGNLEE-708 Initial license page uses incorrect U... Closed
relation
supersession
supersedes MGNLEE-497 License Page doesn't work as expected... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:
Epic Link: Magnolia License maintenance
Team: AdminX
Work Started:

 Description   

Following happened today: customer support send us a new license key, but the key was faulty and entering it disabled pretty much all CMS features (including apparently all sites). The CMS then only show the license key dialog when you try to access Admincentral. However our setup enforces HTTPS everywhere and the action URL for the license form was generated as an HTTP Url, so i had to go in with the browser dev tools and make it an HTTPS URL to be able to successfully submit the form. Somebody could've easily got stuck here... Especially bad the production CMS just was disabled by a faulty license key... 

Steps to reproduce

  1.  Put Magnolia behind a proxy which enforces HTTPS via redirect rules
  2.  Enter a license key which, although valid, is not the correct one for the CMS edition
  3. Try to enter the license information in the dialog

Sorry, i have no screenshots...

Expected results

License should be accepted and CMS functionality be enabled

Actual results

You'll get stuck in an endless loop because the proxy (or even the browser) refuse to accept a non-HTTPS form post

Workaround

Edit the form with the dev tools and make the URL HTTPS

Development notes



 Comments   
Comment by Gabor Bodo [ 27/Jan/23 ]

I can confirm this issue also affects us, and had to use the same Dev Tools workaround.

Generated at Mon Feb 12 06:00:27 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.