mike_henden

Hi folks, bit of a curly template question here. I have a two-level navigation setup that I’ve used since SS2. When navscript.js is tripped the second-level dropdown navigation appears. This is triggered by calling the script just before the closing </html> tag on http://Page.ss

So I’ve set things up as normal. http://HomePage.ss (which is modified version of the ‘main’ (top level) http://Page.ss works as expected, even without the inclusion of the script call before the closing </html> tag, on all pages derived from http://Page.ss the script doesn’t fire…

Removing the script from http://Page.ss means nothing loads at all…

Doesn’t make any sense at all to me??? 🤔

MichalKleiner

part of our .env ^

  1. SS_TRUSTED_PROXY_IPS="127.0.0.1,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8"
  2. SS_TRUSTED_PROXY_PROTOCOL_HEADER="HTTP_X_FORWARDED_PROTO"
  3. SS_TRUSTED_PROXY_HOST_HEADER="HTTP_X_FORWARDED_HOST"
  4. SS_TRUSTED_PROXY_IP_HEADER="HTTP_X_FORWARDED_FOR"
guttmann

had a similar issue when I was setting up a local docker environment that was doing the same thing

MichalKleiner

if it’s good for the govt it can’t be that bad for business, right?

halles

Yes it’s a CWP project. Because we have more than just the environments that CWP provides by default and we need to lock them out. Using “test” just doesn’t allow one to access the lostpassword URLs. And locally we don’t have SSL. And finally just setting test in heroku sends you into a https / http loop.