This pops up now when I start typing in a node reference or user reference field (but for some reason, not in a taxonomy reference field):

(see attached image, text below for Google searches)
"An AJAX HTTP error occurred.
HTTP Result Code: 301
Debugging information follows.
Path: https://?q=node_reference/autocomplete/node/slide_show/field_related_news_story
StatusText: Moved Permanently
ResponseText:"

This is the link it's attempting:
https://?q=node_reference/autocomplete/node/slide_show/field_related_news_story

When I paste the link into the URL, it does indeed rewrite to:
http://node_reference/autocomplete/node/slide_show/field_related_news_story

which displays expected content.

I'm suspicious that it has something to do with this:
Drupal 7.39 Release Notes

CommentFileSizeAuthor
#4 Screenshot from 2015-09-03 01:33:39.png20.01 KBgundara
#3 301_ajax_error.PNG10.23 KBmausolos

Comments

mausolos created an issue. See original summary.

mausolos’s picture

mausolos commented
Issue summary: View changes
mausolos’s picture

mausolos commented
StatusFileSize
new 301_ajax_error.PNG10.23 KB
gundara’s picture

gundara commented
StatusFileSize
new Screenshot from 2015-09-03 01:33:39.png20.01 KB

same here with product references and drupal commerce

torgospizza’s picture

torgospizza
he/him
Primary language English
Location Portland, OR
commented

Getting this with Drupal 7.40 also.

Seems like it should be an easy fix.

toddwoof’s picture

toddwoof commented

I'm not sure this is the same issue - but I was seeing this, since updating, and it seems to have been an issue with AJAX and Secure Pages (so, maybe the same thing).

I was getting that AJAX error when trying to add a product line item to an order in Commerce, which uses an autocomplete field. Error was on the path: .../?q=commerce_product/autocomplete/commerce_product/line_item_product_selector/product

Once I added commerce_product/* to secure pages, it fixed it.

mausolos’s picture

mausolos commented

It might indeed be SecurePages. However, it occurs on pages that SHOULD be secure, so this really isn't a solution for us. The problem persists in 7.41. This is a huge issue, since it impacts our ability to stay up to date with the most current secure version of Drupal. Is anyone able to help us address this?

mausolos’s picture

mausolos commented

Actually, I can't seem to find any similar issues with securepages. Does anyone have a link to such an issue?

toddwoof’s picture

toddwoof commented

Secure pages came to mind because we have two environments (development and live), which are identical, except that we turn off secure pages in the development environment. This problem only happened in the live environment, anywhere an autocomplete field was used in a page accessed via https (so, not only in Commerce).

Adding these paths to Secure Pages stopped the error, and made the fields work again:

commerce_product/*
*/autocomplete/*

But, I don't know that the problem is with Secure Pages, and of course making the error go away doesn't mean it's the right fix. It does seem to have to do with trying to redirect, so maybe Global Redirect (as mentioned in the release notes for 7.39), and/or something else is involved. Will do some testing and see if turning off Global Redirect but keeping Secure Pages on (without those paths in Secure Pages) changes things.

mausolos’s picture

mausolos commented
Priority: Critical » Normal

"*/autocomplete/*" does make this usable for us. However, I'd be curious what (if any) the security implications are for CSRF using this workaround. Or maybe this is precisely what ignore is for, and this isn't considered a workaround at all? In any case, given this gets us at least to "working", I'm changing the status to Normal. I'd suggest reviewing the code against the 7.39 notes, but I wouldn't be shocked if this was closed as "works as designed".

Thank you!
Charles