AbleCommerce Shopping Cart Software


http://forums.ablecommerce.com/

R11 Canonical link not updated when Storewide SSL enabled

http://forums.ablecommerce.com/viewtopic.php?f=65&t=18705

Page 1 of 1

R11 Canonical link not updated when Storewide SSL enabled

Posted: Fri Feb 19, 2016 3:57 am
by AbleMods
I've doing quite a bit of work with Facebook Open Graph tags recently and have discovered something.

When the store is configured for storewide SSL, the PageHelper.BindMetaTags() routine does not update the canonical link accordingly. It's still populated as HTTP even though the entire store is HTTPS.

This causes redirect issues with places like Facebook. Facebook sees the HTTPS url, but then takes the specifical HTTP canonical link as gospel and tries to hit it. But hitting the HTTP url forces a redirect back to HTTPS. So Facebook gets stuck in a redirect loop trying to hit a canonical url that will always force a redirect and it just loops over and over.

In the Facebook debugger, you'll see this:
Capture.JPG
The underlying reason for this is the Store Url in the Configure->Security->System Settings page. When you enable SSL on all pages, the store url is not updated accordingly. So this causes pages to render with a HTTP canonical url while the actual page is HTTPS.

I tested updating the store url to HTTPS, and it seems to be a suitable workaround. Facebook seems to like it just fine now.

I looked in the R11 SR patch notes, didn't see this one listed. So I thought I would mention it in case anyone else encountered it.

Re: R11 Canonical link not updated when Storewide SSL enabled

Posted: Fri Feb 19, 2016 5:37 am
by Katie
In the SSL patch and the SR1 patch for Gold R11, we fixed issue AC8-2990 (Sitemap should generate HTTPS based URLs for secure pages.) by adding some javascript to the SSL configuration page so the Store URL would change from http to https. This change was actually required for other SSL issues like the links generated in the email templates.

The name of the bug report didn't accurately describe what we did because it described the symptom of the issue instead.

Sorry if there was any confusion. If you have any other stores using the "Secure all pages" feature, make sure to apply the SSL patch at a minimum. The SR1 update would be better and it includes all the issues fixed in the SSL patch.

Thanks
Katie

Re: R11 Canonical link not updated when Storewide SSL enabled

Posted: Fri Feb 19, 2016 5:52 am
by AbleMods
Perfect Katie, thanks for the detail. Hey at least I checked the patch notes first this time :)

We're planning on starting the SR merge today. We definitely want to get it implemented and thanks so much for putting one together !
All times are UTC-05:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/