Chrome Version 44.0.2403.89 m is trying to force HTTPS

With the release of Chrome Version 44.0.2403.89 m, I've noticed that our site is now completely broken. All of the HTTP URLs are being redirected to HTTPS URLs, which is a problem because our site does not support HTTPS.

Please note, this is not happening in any other browser, and was working on the previous Chrome release.

I've tried to replace all of our stylesheet calls with relative links, and that has worked, but the images that are loaded in automatically or through absolute paths as well as the navigation is still broken. Please see below image for the error page that is thrown when navigating, after accepting the security warning and proceeding.

Error thrown when navigating to a page.

Anyone have any advice as far as updating perhaps the .htaccess file goes, or something in functions?

Thanks.

Answers 5

  • Solution 1: Enable mod_header on the server and added this rule to my appache2.conf file:

    <IfModule mod_headers.c>
      RequestHeader unset HTTPS
    </IfModule>
    

    Solution 2: Or you need to add the code to fonction.php file of your current theme:

    function https_chrome44fix() {
      $_SERVER['HTTPS'] = false;
    }
    add_action('init', 'https_chrome44fix',0); 
    

  • This seems to be a bug that affects only Apache which is sending the user value for the header HTTPS as unprefixed header HTTPS instead of HTTP_HTTPS.

    You should be able to fix that with a simple plugin:

    if ( empty ( $_SERVER['SERVER_SOFTWARE'] ) )
        return;
    
    if ( FALSE === stristr( $_SERVER['SERVER_SOFTWARE'], 'apache' ) )
        return;
    
    if ( empty ( $_SERVER['HTTPS'] ) )
        return;
    
    if ( '1' === $_SERVER['HTTPS'] )
        $_SERVER['HTTPS'] = FALSE;
    
    if ( '1' === $_SERVER['HTTP_HTTPS'] )
        $_SERVER['HTTP_HTTPS'] = FALSE;
    

  • WooCommerce has released an update fixing this problem (at least for me)

    Fix - Fixed Google Chrome forcing to use SSL. This can cause some issues on websites behind load balancers or reverse proxies. Read more.

    Detailed notes at their blog post or in GitHub.

    Make sure to refresh your caching plugins after updating, if you are using one.



  • You need to add the code to fonction.php file of your current theme:

    if (!is_ssl()) {
     $_SERVER['HTTPS'] = false;
    }
    

Related Questions