I have found a severe error in the Candy theme (when running under HTTPS)
In WP-Admin, under “Theme Settings” -> “Logo” when clicking “Upload image”, the Chrome Developer Tools shows the following error message:
Refused to display ‘https://www.myescorts.com/wp-admin/media-upload.php?type=image&’ in a frame because it set multiple ‘X-Frame-Options’ headers with conflicting values (‘SAMEORIGIN, DENY’). Falling back to ‘deny’.
This theme has been correctly installed, and WordPress is correctly set up, so it’s an error in the theme itself.
I hope that you who have developed this theme will see this forum, and fix it for the benefit of all of your clients. I also posted just a few minutes ago about links to Google Fonts being incorrectly implemented. I am happy to work with your developer team to look for errors in the theme, and help you correct them. Please reach out to me privately on my email address in my profile.
With kind regards/
of course we developed the theme 🙂
No sure what cause the problem, we never had the problem before, but maybe it has to do with SSL / HTTPS. We checked our code for this function and we used only basic WordPress code, normally it should work, also with SSL.
Can you tell me what browser you use? Chrome?
Great, thanks for coming back to me.
Yes, I use Chrome – the error message I pasted above is from the Chrome Developer Tools.
If you would like to, we could perhaps get on a TeamView session, where I could show you what is happening? Have you tested the wp-admin on a site secured with HTTPS yourselves?
With best regards/
yes, we tested it with HTTPS, but we don’t got the error. These days we had a similar problem with a new developed product and the chrome browser, the problem there was that we used the url first with “www.” and for the ajax request without “www.” in the url, have you tested to access your admin via the url “myescorts.com”?
OK, that might be the explanation. On our server, we use Nginx to redirect, so that any request to http or https myescorts.com automatically gets redirected to https://www.myescorts.com. This is also the URL that we have set for WordPress.
Could you advice when change I need to make in the code, to make the Theme work with a site that always redirects to http://www.myescorts.com? Ideally your theme should not be sensitive to this. Some people like the www, some prefer without. Whatever you choose as your site URL should ideally work with the theme.
With best regards/
Ideally your theme should not be sensitive to this. Some people like the www, some prefer without
I’m sorry, but for the logo upload we use the WordPress uploader, it is not a function of our theme, it’s a WordPress core feature. But we will take a look at it and try to solve the problem. In the meantime you can add the URL of the uploaded logo manually in the input field for the logo in the theme options.
Thats great, thank you for that.
Can I ask if you have tried to install your Theme on a site with HTTPS yourselves, on a domain that starts with https://www.mysite.com ? It would be super useful if you could that to install the theme on a clean wordpress installation on a site like that (just like I did), and test the admin, and also run the site with Chrome Developer Tools active, and look for all error messages that pops up.
I think all of us clients would ber very grateful for that!
Thank you in advance!
Of course we tested our themes with https, we test all our themes on 5 different server without and with https before we release them, we do more than 180 different tests to make sure the themes are working. And Chrome Developer tools is the minimum we do while developing the themes.
You must be logged in to reply to this topic.