network protocol violation on Joomla 3.8.4
krileon
Team Member- ONLINE
- Posts: 68563
- Thanks: 9098
- Karma: 1434
6 years 3 months ago #301656
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic network protocol violation on Joomla 3.8.4
Don't think sending credentials will do any good. It's an issue directly in Joomlas routing behavior. If possible please revert to a backup for Joomla 3.8.3. I'm not sure if you can downgrade Joomla so if you've no backup available I don't have anything to suggest as CB can not alter the core routing code. More details can be found below.
github.com/joomla/joomla-cms/issues/19504
Folks, please hang in there. We can't do anything about this. It's a full B/C break with no clarification or how to implement compatibility. We're all at a stand still here expecting a quick 3.8.5 release soon to fix it.
github.com/joomla/joomla-cms/issues/19504
Folks, please hang in there. We can't do anything about this. It's a full B/C break with no clarification or how to implement compatibility. We're all at a stand still here expecting a quick 3.8.5 release soon to fix it.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- mikerotec
- OFFLINE
-
Platinum Member
- Posts: 351
- Thanks: 28
- Karma: 2
6 years 2 months ago #301833
by mikerotec
Replied by mikerotec on topic network protocol violation on Joomla 3.8.4
Fixed now with 3.8.5, but I found that turning off "force https" in Joomla was at least a partial workaround (allowed the site to work, but users still had to delete their cookies or they would get a redirect loop error on login)
2 questions:
1) do you know if anyone has put the "HTTPS:" bugs into the Joomla github buglist? It's like they never even TESTED 3.8.4 on an HTTPS site!!
2) Whats the best practice, from the point of view of CB? It is all working fine with no "Force HTTPS:" setting in Joomla and no "Encrypt Login Form" in CB. Is that some sort of legacy setting, or is there a good reason to have them both on??
2 questions:
1) do you know if anyone has put the "HTTPS:" bugs into the Joomla github buglist? It's like they never even TESTED 3.8.4 on an HTTPS site!!
2) Whats the best practice, from the point of view of CB? It is all working fine with no "Force HTTPS:" setting in Joomla and no "Encrypt Login Form" in CB. Is that some sort of legacy setting, or is there a good reason to have them both on??
Please Log in to join the conversation.
- krileon
- Team Member
- ONLINE
- Posts: 68563
- Thanks: 9098
- Karma: 1434
6 years 2 months ago #301835
by krileon
issues.joomla.org/
github.com/joomla/joomla-cms/issues
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic network protocol violation on Joomla 3.8.4
You can check the issue tracker below.1) do you know if anyone has put the "HTTPS:" bugs into the Joomla github buglist? It's like they never even TESTED 3.8.4 on an HTTPS site!!
issues.joomla.org/
github.com/joomla/joomla-cms/issues
Force HTTPS should work fine assuming you don't have some odd redirect loops going on. For example live_site should be empty in configuration.php and you need to ensure any redirects you use on your site are non-SEF beginning with index.php. You shouldn't have any SEF or HTTPS issues then. CBs encrypt login form parameter just changes the URL to HTTPS for login/registration forms and checks to make sure the POST is done to HTTPS or it'll be rejected.2) Whats the best practice, from the point of view of CB? It is all working fine with no "Force HTTPS:" setting in Joomla and no "Encrypt Login Form" in CB. Is that some sort of legacy setting, or is there a good reason to have them both on??
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- DG5FU
- OFFLINE
-
New Member
- Posts: 19
- Thanks: 1
- Karma: 0
6 years 2 months ago #301836
by DG5FU
Replied by DG5FU on topic network protocol violation on Joomla 3.8.4
Hi Mikerotec,
I turned off "Force HTTPS" at Joomla as well and the site was indeet working. However, all SSL mandatory functions (such as facebook login or PayPal communcation) failed at the front end. This caused me to roll back on backup and was really painful as I have 3 digit user posts per day - all of them got lost with the backup.
I am still on 3.8.3 and we are intensive testing 3.8.5 with CB on a mirror site before I will take the decision to upgrade the live pages again. Interesting to know: the original Joomla login form was not affected by this bug and still was working under HTTPS enforcement. Therefore I was looking at CB to bring a solution.
Kyle explained to me to have "Encrypt Login Form" active in the CB Login Module, which I never had active. I switched it on with no effect.
I did not post this bug at github, but followed the posts to better understand the root cause. I also think this bug was caused by improper testing and even I did put this upgrade first on my mirror site, I did not notice the issue. Only loggin off and re-entering the page made the issue visible.
Best,
Andy
I turned off "Force HTTPS" at Joomla as well and the site was indeet working. However, all SSL mandatory functions (such as facebook login or PayPal communcation) failed at the front end. This caused me to roll back on backup and was really painful as I have 3 digit user posts per day - all of them got lost with the backup.
I am still on 3.8.3 and we are intensive testing 3.8.5 with CB on a mirror site before I will take the decision to upgrade the live pages again. Interesting to know: the original Joomla login form was not affected by this bug and still was working under HTTPS enforcement. Therefore I was looking at CB to bring a solution.
Kyle explained to me to have "Encrypt Login Form" active in the CB Login Module, which I never had active. I switched it on with no effect.
I did not post this bug at github, but followed the posts to better understand the root cause. I also think this bug was caused by improper testing and even I did put this upgrade first on my mirror site, I did not notice the issue. Only loggin off and re-entering the page made the issue visible.
Best,
Andy
Please Log in to join the conversation.
- krileon
- Team Member
- ONLINE
- Posts: 68563
- Thanks: 9098
- Karma: 1434
6 years 2 months ago #301839
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic network protocol violation on Joomla 3.8.4
Are you all on PHP 7.2? If not please provide your PHP versions. The only login issues I can confirm are the below.
github.com/joomla/joomla-cms/pull/19199
Using "Force HTTPS" in my tests works perfectly fine. The redirect issues should be fixed with 3.8.5.
github.com/joomla/joomla-cms/pull/19199
Using "Force HTTPS" in my tests works perfectly fine. The redirect issues should be fixed with 3.8.5.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- mikerotec
- OFFLINE
-
Platinum Member
- Posts: 351
- Thanks: 28
- Karma: 2
6 years 2 months ago #301841
by mikerotec
Replied by mikerotec on topic network protocol violation on Joomla 3.8.4
PHP Version 7.1.13 here!
yes, 3.8.5 has solved all issues, as far as I can tell.
I have Joomla "Force HTTPS" off ( same with log in modules, https also off) - and no ill effects here whatsoever ( Paypal payments still coming in fine via CBSubs)
yes, 3.8.5 has solved all issues, as far as I can tell.
I have Joomla "Force HTTPS" off ( same with log in modules, https also off) - and no ill effects here whatsoever ( Paypal payments still coming in fine via CBSubs)
Please Log in to join the conversation.
Moderators: beat, nant, krileon
Time to create page: 0.322 seconds
-
You are here:
- Home
- Forums
- Support and Presales
- Developer Members Support
- network protocol violation on Joomla 3.8.4