Loren Strand
Forum Replies Created
-
How would I assist the webhost to identify this behavior as a “real bug”? From his viewpoint, the redirect only worked when the policy is downgraded from “strict”. I suggest the question to your dev team might be: 1) Did we create our code to conform with Header set Referrer-Policy: “strict-origin” ? , and, 2) might we want to test in our dev sandbox this situation to see if we can replicate the error? If the answer is 1) yes we coded to the strict-origin standard, and 2) we tested and cannot replicate, then I would agree that it is not a replicated (or “real”) bug and, therefore, may be something configured in hosting.
If the dev team did not code to strict-origin or the error can be replicated, then your team would know if it is a “real” bug.
That’s my two cents. I am curious what you choose to do.
Anyways, have a great day and thanks again!
Hi Matheus, thanks for the reply. I hear your explanation and will share with the web host to see if he agrees. And, I understand that when issues arise, because you are an established market leader, there would be likely other reports of similar issues. That doesn’t exclude a bug in code yet you are stating that this sort of bug is improbable.
Thank you again for your professional assistance 🙂
Hi Matheus, yes I agree the redirection to the success page is now working. I was able to replicate a success condition. So what changed?
Here is an explanation of the host provider. Some of this is above my current paygrade to understand.
The webhost writes, “Something about the GiveWP plugin is violating strict-origin referrer policy.
For example, when someone accesses catholicmenofamerica.com – regardless of what they type into their browser, the platform itself converts them to https://catholicmenofamerica.com
Once there, anything they click is https://
In the GiveWP System Info area, all the success and failure URLs are correctly set as https:// but something isn’t doing that.
In the browser’s debug console, we can see there are a lot of JavaScript files that comprise the GiveWP plugin and since things are stalled, that is indicative that something somewhere in some corner of one of the many GiveWP plugin JavaScript files, something is using http:// instead of https://.
In the case of our environment, we don’t allow that kind security problem, due to our tightness with strict-origin policy. Unless GiveWP fixes that bug, the only way to get it working is to change strict-origin to same-origin.”
I don’t know if this analysis is correct. You may want to share this with your dev team to see if it is helpful in addressing hosts with strict-origin policies. It would be nice to have a fix so that we may return to the strict-origin policy.
What do you think? Is there anything more to ask the webhost that would help you/the team? Is this a fix or a feature from GiveWP’s viewpoint? I am curious.
I look forward to your reply. Thank you.
Plus, I deactivated all these plugins incrementally and the error still exists:
Import and export users and customers
When Last Login
RedirectionYoast Duplicate Post
Yoast SEO
Duplicator Pro
Easy Updates ManagerActiveCampaign
Backuply Pro
Conditionally display featured image on singular pages and posts
reCaptcha by BestWebSoftUltimate Category Excluder
SMTP2GO – Email Made Easy
Site Kit by Google
Classic EditorI did not turn off Elementor, Elementor Pro, Give – Donation Plugin, Indeed Ultimate Membership Pro.
What next please?
Thank you for your reply Matheus. I turned off the LightSpeed Cache plugin (see system report below). I cleared the GiveWP cache. I replicated the issue twice in an incognito window. The same behavior occurs (no redirect to success page).
I will leave the cache off for a day so if you look at it you may confirm.
I have a video to show the error if you desire to see it. Bottom line, what would you like me to try next, please?
Kindly, Loren
WordPress Environment Home URL: https://catholicmenofamerica.com/wp
Site URL: https://catholicmenofamerica.com/wp
WP Version: 6.3.1
WP Multisite: –
WP Memory Limit: 5 GB
WP Debug Mode: ✔
WP Cron: ✔
Language: en_US
Permalink Structure: /%postname%/
Show on Front: page
Page on Front: CMA Home Page (#2304)
Page for Posts: Unset
Table Prefix Length: wp_
Table Prefix Length: 3
Table Prefix Status: Acceptable
Admin AJAX: Accessible
Registered Post Statuses: publish, future, draft, pending, private, trash, auto-draft, inherit, request-pending, request-confirmed, request-failed, request-completed, refunded, failed, revoked, cancelled, abandoned, processing, preapproval, dp-rewrite-republish Server Environment Hosting Provider: DBH: localhost, SRV: catholicmenofamerica.com
TLS Connection: Connection uses TLS 1.3
TLS Connection: Probably Okay
Server Info: LiteSpeed
PHP Version: 7.4.33
PHP Post Max Size: 256 MB
PHP Time Limit: 18000
PHP Max Input Vars: 1000
PHP Max Upload Size: 256 MB
cURL Version: 7.87.0, OpenSSL/1.1.1p
SUHOSIN Installed: –
Default Timezone is UTC: ✔
fsockopen/cURL: ✔
SoapClient: ❌Your server does not have the SoapClient class enabled - some gateway plugins which use SOAP may not work as expected.
DOMDocument: ✔
gzip: ✔
GD Graphics Library: ✔
Multibyte String: ✔
Remote Post: ✔
Remote Get: ✔ GiveWP Configuration GiveWP Version: 2.33.2
GiveWP Cache: Enabled
Database Updates: All DB Updates Completed.
Database Updates: All Database Migrations Completed.
Database Tables: ✔ wp_give_donors✔ wp_give_donormeta✔ wp_give_comments✔ wp_give_commentmeta✔ wp_give_sessions✔ wp_give_formmeta✔ wp_give_sequential_ordering✔ wp_give_donationmeta✔ wp_give_revenue✔ wp_give_migrations✔ wp_give_log
GiveWP Cache: Enabled
GiveWP Cache: ✔New Donation✔Donation Receipt✔Donation Processing Receipt❌New Offline Donation❌Offline Donation Instructions✔New User Registration✔User Registration Information✔Donation Note✔Email access
Upgraded From: 2.33.1
Test Mode: Enabled
Currency Code: USD
Currency Position: Before
Decimal Separator: .
Thousands Separator: ,
Success Page: https://catholicmenofamerica.com/wp/donation-success/
Failure Page: https://catholicmenofamerica.com/wp/donation-failed/
Donation History Page: https://catholicmenofamerica.com/wp/donor-dashboard/
GiveWP Forms Slug: /donations/
Enabled Payment Gateways: Stripe - Credit Card *(v2)
Default Payment Gateway: Stripe - Credit Card *(v2)
PayPal IPN Notifications: IPN received for #569 ( 3BJ13728U1945920U ) on 04/24/2021 at 21:55. Status VERIFIED
Donor Email Access: Enabled
Stripe Webhook Notifications: January 4, 2023 4:47 am Active GiveWP Add-ons Other Active Plugins ActiveCampaign: by ActiveCampaign – 8.1.12
Backuply Pro: by Softaculous – 1.1.8
Classic Editor: by WordPress Contributors – 1.6.3
Conditionally display featured image on singular pages and posts: by Cyrill Bolliger – 3.1.1
Duplicator Pro: by Duplicator – 4.5.13
Easy Updates Manager: by Easy Updates Manager Team – 9.0.17
Elementor: by Elementor.com – 3.16.4
Elementor Pro: by Elementor.com – 3.16.2
Import and export users and customers: by codection – 1.23.3
Indeed Ultimate Membership Pro: by WPIndeed Development – 10.1
reCaptcha by BestWebSoft: by BestWebSoft – 1.73
Redirection: by John Godley – 5.3.10
Site Kit by Google: by Google – 1.109.0
SMTP2GO - Email Made Easy: by SMTP2GO – 1.5.6
Ultimate Category Excluder: by Marios Alexandrou – 1.7
When Last Login: by Yoohoo Plugins – 1.2.2
Yoast Duplicate Post: by Enrico Battocchi & Team Yoast – 4.5
Yoast SEO: by Team Yoast – 21.2 Inactive Plugins Activity Log: by Activity Log Team – 2.8.8
bbPress: by The bbPress Contributors – 2.6.9
Contact Form 7: by Takayuki Miyoshi – 5.8
Contact Form 7 Email Add On: by KrishaWeb – 1.9
Contact Form CFDB7: by Arshid – 1.2.6.7
Festinger Vault: by Festinger Vault – 3.8.1
LiteSpeed Cache: by LiteSpeed Technologies – 5.6 Theme Name: Hello Elementor Child
Version: 1.0.1
Author URL: https://elementor.com/
Child Theme: Yes
Parent Theme Name: Hello Elementor
Parent Theme Version: 2.8.1
Parent Theme Author URL: https://elementor.com/?utm_source=wp-themes&utm_campaign=author-uri&utm_medium=wp-dash