Adam

[Adam]

Any clues here?

Request headers

COPY CODE

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: mmstock.wpengine.com
Connection: keep-alive
Content-Length: 60
Cache-Control: no-cache
Pragma: no-cache
Origin: http://mmstock.wpengine.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36
Referer: http://mmstock.wpengine.com/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8,es;q=0.6
Cookie: optimizelyEndUserId=oeu1399400978451r0.49796974984928966; _jsuid=2814151028; hsfirstvisit=http%3A%2F%2Fwpengine.com%2F2014%2F02%2F25%2Fwp-engine-introduces-copy-site%2F|https%3A%2F%2Fwww.google.com%2F|1399530671818; __utma=67904087.465359914.1399530670.1399530670.1399530670.1; __utmc=67904087; __utmz=67904087.1399530670.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); optimizelySegments=%7B%22852260298%22%3A%22false%22%2C%22858250216%22%3A%22search%22%2C%22858450478%22%3A%22gc%22%7D; optimizelyBuckets=%7B%7D; _referrer_og=https%3A%2F%2Fwww.google.com%2F; _ga=GA1.2.465359914.1399530670; __hstc=51647990.d59f5ec2ffcf79f21c6a06ff9caf2b77.1399530671820.1399996188709.1400187085641.4; __hssrc=1; hubspotutk=d59f5ec2ffcf79f21c6a06ff9caf2b77; wp-settings-time-2=1400190771; wordpress_test_cookie=WP+Cookie+check

response headers

COPY CODE

HTTP/1.1 403 Forbidden
Server: WP Engine/6.0.2
Date: Fri, 16 May 2014 18:00:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 118
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Origin: http://mmstock.wpengine.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip

[Adam]

So I tested this with only buddypress and sweetdate — no other plugins, and the issue remains. So it’s definitely a configuration issue.

I’ll try experimenting with site URLs and wp HOME.

[Adam]

Also, the code above won’t work for dateboxes. To handle dateboxes, if you’re going to leave Foundation running and go the CSS route:

COPY CODE

.kleo-selectbox .custom.dropdown.expand,
.datebox .custom.dropdown.expand {display:none;}

.kleo-selectbox select,
.datebox select { display: block !important; }

[Adam]

Is input theming all that Foundation does?

Seems like this should be toggle-able in the SD settings, globally. During our user testing many users complained about not being able to use the arrow keys while interacting with select elements, and that the labels for checkboxes and radios were not clickable.

1) Is fixing those two particular UX issues a significant task?
2) Is enabling/disabling custom input styling in the back end something you’d consider for a future SD release?

[Adam]

This has to be a WPengine thing because I set up the same stack on my personal linode server and bad passwords are handled just fine.

If theres anything you guys can point out that may help me in dealing with WPengine support staff that would be GREAT!

[Adam]

65.103.116.25 mmstock.wpengine.com – [15/May/2014:21:15:16 +0000] “GET /wp-admin/admin-ajax.php?action=wp-compression-test&test=1&1400188514561 HTTP/1.1” 200 574 “http://mmstock.wpengine.com/wp-admin/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36”
65.103.116.25 mmstock.wpengine.com – [15/May/2014:21:15:16 +0000] “GET /wp-admin/admin-ajax.php?action=wp-compression-test&test=no&1400188514907 HTTP/1.1” 200 21 “http://mmstock.wpengine.com/wp-admin/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36”
65.103.116.25 mmstock.wpengine.com – [15/May/2014:21:15:17 +0000] “GET /wp-admin/admin-ajax.php?action=dashboard-widgets&widget=dashboard_primary&pagenow=dashboard HTTP/1.1” 499 0 “http://mmstock.wpengine.com/wp-admin/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36”

[Adam]

here’s the relevant access log. No errors logged

[Adam]

Ok I created a fresh install on WPengine with BP 2.0.1 on WP 3.9.1, and SweetDate 2.6.1

Without even getting into domain aliases, I tested on the default Wpengine domains, and found that through the login modal a BAD password results in this (console):

POST http://mmstock.wpengine.com/wp-admin/admin-ajax.php 403 (Forbidden)
(and then a second later)
POST http://mmstock.wpengine.com/wp-login.php net::ERR_EMPTY_RESPONSE

[Adam]

update:

if i add $user_login to line 754 of the sweetdate functions.php, e.g.:

$message = apply_filters( 'retrieve_password_message', $message, $key, <strong>$user_login</strong> );

then I have everything I need in my custom message.

Will hack core for now.. but obviously hoping this is a temporary fix for my project!

[Adam]

Is there an update to sweetdate that you were referring to? I only see 2.6 downloads as the latest

[Adam]

I’m using 3.9.1 and BP 2.0.1 and SweetDate 2.6

Is this a compatibility issue with the theme? I realize SD2.6 lists compatibility only up to BP 1.9

I need to find a temporary fix even if it means hacking core for the time being, as we have some important user testing sessions coming up in 3 days. Right now the problem is limited to the handling of bad passwords. I just need to fix the indicator on the login modal so that it once again notifies the user that they are not progressing because of a bad password.

[Adam]

Sorry, changed back to not resolved because I still have the second issue described above.

When entering the WRONG password I get :

Failed to load resource: the server responded with a status of 403 (Forbidden) on admin-ajax.php (in console)

…but the login modal just spins the “Sending info” message and the user has no idea what’s happening.

[Adam]

When I change the site URL to the aliased domain, e.g. “dev.domain.com” I can log-in via AJAX as expected, but then the issue reverses.. and I cannot login via AJAX at installname.wpengine.com

For now this is fine so you can close this issue,

[Adam]

Update to this issue:

I have two issues with logging in via AJAX sweetdate modal:

1) When attempting to login to the website using a domain alias (e.g. dev.meetmindful.com which is an alias for mmdev.wpengine.com) I get the following console error even when the password is correct:

XMLHttpRequest cannot load http://mmdev.wpengine.com/wp-admin/admin-ajax.php. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://dev.meetmindful.com’ is therefore not allowed access.

…however the modal itself does not communicate any issue whatsoever. It just sits there with a “sending info..” message. This is a critical issue on our site with regard to user experience.

2) When attempting to login to the website at the original domain name (e.g. mmdev.wpengine.com) I get the following error when the password is incorrect:

POST http://mmdev.wpengine.com/wp-admin/admin-ajax.php 403 (Forbidden)

…but again the modal only shows “Sending info” and the user experience is entirely broken.

[Adam]

Could someone tell me if this is even a theme issue? The other methods of logging in with the twentyfourteen theme, etc, don’t use Ajax so it’s difficult to tell.

[Adam]

I found kleo_custom_css and render_css

I’m looking for a way to hook via the sub-theme functions.php to disable these — rather than modify framework files.

Thanks!

[Author]

Posts