Chrome beta 44 causing problems with https/SSL

Chrome beta 44 causing problems with https/SSL

google-chrome-fasterJust a heads up, I’ve seen a rash of WordPress site users reporting problems that can be traced back to using Chrome beta version 44. When the user’s browser is rolled back to regular version 43 the issues go away. Symptoms include forcing a WordPress site to use https no matter what settings are changed or set, even on sites that have previously had no SSL at all. This is NOT a symptom of a cached https URL. Fixes I’ve attempted include clearing cache completely, incognito mode, clearing domain from HSTS. I’ve submitted a bug ticket so hopefully this won’t make it into the next Chrome release.

For now, if you or your users see this issue check the version of chrome and uninstall beta/reinstall stable track as needed.

Update: I reported the bug and chrome devs are looking at it. Follow here: https://code.google.com/p/chromium/issues/detail?id=505268

Update 2: The Chrome devs pushed an update to fix this conflict, but although the bug made it into stable version 44 the bug fix didn’t, so until next week (July 27, 2015) a huge chunk of WordPress sites will appear to be insecure in Chrome. I’ve complained about them letting such a massive bug make it into a stable release, we’ll see if they push it out any faster.

Update 3: It looks like the chrome devs have acknowledged the impact of the release and are investigating if a push update can be made early.

Update 4: The problem appears to lie more with faulty plugin coding than anything else – hence the confusion with WooCommerce. Lots of plugins are getting out updates to fix this so check your updates if you haven’t already. More technical info on those pesky http headers can be found here.

Update 5: Chrome pushed out an early update on July 24th. Leave your fixes in place for a while so that users have time to update their browsers. Thanks for all the hard work and community support everyone!

50 Comments
  • nicole
    Posted at 06:17h, 07 July Reply

    thanks for your post. How do you communicate this with your customors? We have the same issue. Do you know its really only a beta-version issue?
    I am a little bit worried and irritated, because several wp-sites are running smoothly and one has this problem.

    • Sarah Bailey
      Posted at 07:14h, 07 July Reply

      Nicole, for this type of issue, where the problem theoretically (more on that later) lies with Chrome rather than their website, I wouldn’t contact my customers. They know to contact me if they have a problem, and there’s technically nothing to be done here, since the problem lies with Chrome, not their site or server. However, for massive issues such as revslider or a serious uptick in hacked sites I will email them all in bulk and inform them of the problem and how to fix it (ie run updates). I use Harvest to track my clients so I can email them all from there. I’ve only done this two times since I’ve been in business though, it’s very rare that a mass email is called for. They can also follow my blog here 😉

      Yes, it’s confirmed there’s a conflict with ONLY Chrome beta, as seen in the bug trac link I posted.

      Now, regarding the actual issue: If you read through the bug trac you’ll see that the problem is ACTUALLY between WooCommerce and Chrome 44, and WooCommerce is the culprit, not Chrome. WooCommerce was supposed to be issuing an update to correct the problem, as noted in the bug trac, but as of yet that has not been issued.

      So if you have one website with this sort of problem, the requirements to confirm that this is indeed the bug affecting it is to check that 1) It loads fine in Chrome 43 but not 44, and 2) It is running WooCommerce. If neither of those is true then your site has a different problem, likely to do with the site URL/SSL settings.

    • Sarah Bailey
      Posted at 13:15h, 22 July Reply

      Nicole, just a quick update. Chrome allowed this bug to make it into stable v.44 so it’s going to affect WordPress sites for any users now, not just beta Chrome users. The fix is due out next week.

      • VlooMan
        Posted at 13:26h, 22 July Reply

        True! This will break thousands of websites. Looking for a solution (at least temporary fix) as the problem occurs in a normal WP installation as well. Without woocommerce activated.

      • nicole
        Posted at 13:29h, 22 July Reply

        Hi Sarah, thanks for this information. You wrote “The fix is due next week” – does that mean Chrome will fix that?

        • Sarah Bailey
          Posted at 13:33h, 22 July Reply

          I think I misunderstood the initial reply on the bug trac, the conflict is with any WP site, not just woocommerce. Chrome has a fix in place, it just didn’t make it into the initial stable 44 release. It will be in the next update, which seems to push out on Mondays. I’m asking on the bug trac if it will come out sooner due to the scope of the problem.

          • nicole
            Posted at 14:24h, 22 July Reply

            That would be great – because a lot of pages are affected and the sites look really terrible.

      • VlooMan
        Posted at 14:59h, 22 July Reply

        Hey,

        just wrote a veeeeery small WordPress Plugin to address this issue and manually force NO SSL.

        What it basically does is that it sets the $_SERVER[‘HTTPS’] to false so all themes and plugins will not be forced to use SSL. I am sure it is not a 100% fix but at least it fixes the broken layout when page accessed without HTTPS.

        Download the temporary fix WordPress Plugin here. Just Install & Activate the plugin:
        https://goo.gl/ZV8UdK

        Hope it helps,
        Cheers

      • VlooMan
        Posted at 17:01h, 22 July Reply
      • VlooMan
        Posted at 03:38h, 23 July Reply

        The plugin is now available on GitHub – https://goo.gl/D54cWv

  • nicole
    Posted at 09:11h, 07 July Reply

    Sarah,
    thanks for your reply! Your comment was very helpful, because I could specify the problem. Chrome 43 is okay. Thats why, I took a look at my plugins. And I found the one which causes the trouble in this case. Its the plugin “EventOn”. I will give this information to EventOn and the dev forum.
    Thanks for your fast response!

  • twohumans
    Posted at 15:39h, 22 July Reply

    Your link https://goo.gl/ZV8UdK does not work. Could you provide the full link please.

  • nicole
    Posted at 19:00h, 22 July Reply

    @VlooMan thanx!

    • VlooMan
      Posted at 03:36h, 23 July Reply

      I am very glad it helped. The plugin is now available on GitHub so you can view the source – https://goo.gl/D54cWv

  • twohumans
    Posted at 19:35h, 22 July Reply

    Thank you!

    • VlooMan
      Posted at 03:36h, 23 July Reply

      I am very glad it helped. The plugin is now available on GitHub so you can view the source – https://goo.gl/D54cWv

  • Amy
    Posted at 01:17h, 23 July Reply

    @VlooMan THANK YOU!

    • VlooMan
      Posted at 03:36h, 23 July Reply

      Hi Amy, I am very glad it helped. The plugin is now available on GitHub so you can view the source – https://goo.gl/D54cWv

  • Patrick
    Posted at 01:46h, 23 July Reply

    @vloman thanks for the solution

    • VlooMan
      Posted at 03:37h, 23 July Reply

      Hi Patrick, I am very glad it helped. The plugin is now available on GitHub – https://goo.gl/D54cWv

  • Chris
    Posted at 03:20h, 23 July Reply

    @VlooMan Thank you so much. That fix was a huge help

    • VlooMan
      Posted at 03:37h, 23 July Reply

      Hi Chris, I am very glad it helped you. The plugin is now available on GitHub – https://goo.gl/D54cWv

  • Anis
    Posted at 05:22h, 23 July Reply

    Hi @VlooMan, Thank you so mush, you did an excellent Job. Thanks Again.

  • Sarah Bailey
    Posted at 07:17h, 23 July Reply

    Another update: It looks like the chrome devs have acknowledged the impact of the release and are investigating if a push update can be made early.

  • Tilo
    Posted at 08:39h, 23 July Reply

    You can fix the problem for now if you have SSL and Woocommerce running together by unchecking “Force HTTP when leaving the checkout”. This makes the site available in https (though canonicals should are still pointing to http, so no problem for SEO right now) and it worked for me!

    Thank you so much for this post. You’ve made my day!

  • bquerrywp
    Posted at 09:17h, 23 July Reply

    Any idea of workaround if you use SSL and non-SSL pages? I can’t even get into my website with the latest Chrome version. I get an error “THis webpage has a redirect loop” ERR_TOO_MANY_REDIRECTS

  • Chrome 44 Sending HTTPs Header By Mistake, Breaking Web Applications Everywhere
    Posted at 10:22h, 23 July Reply

    […] Now this is interesting. […]

  • Marijn kortstra
    Posted at 10:36h, 23 July Reply

    Another temporary fix is to add ‘RequestHeader unset HTTPS’ to your .htaccess. Don’t forget to remove it after chrome fixed this annoying bug!

  • Bug di Chrome causa problemi di visualizzazione dei siti web - Spicelab
    Posted at 10:59h, 23 July Reply

    […] Dopo qualche indagine, abbiamo riscontrato che la nuova versione del browser (la 44.0.2403.89 rilasciata un paio di giorni fa) forza di sua iniziativa il caricamento delle pagine utilizzando il protocollo https; se questo protocollo non è abilitato, ecco i problemi. Il bug è stato riscontrato anche da altri, che lo hanno fatto presente tra i commenti all’annuncio ufficiale del rilascio http://googlechromereleases.blogspot.it/2015/07/stable-channel-update_21.html L’articolo originale riportato nel commento è questo: https://spunmonkey.com/chrome-beta-44-causing-problems-with-httpsssl/ […]

  • rbnz
    Posted at 12:27h, 23 July Reply

    This had work for me:
    “add this to the top of your .htaccess:

    # BEGIN Resolve Chrome Issue
    RequestHeader unset HTTPS
    # END Resolve Chrome Issue”

  • Stefan
    Posted at 12:37h, 23 July Reply

    Comment removed.

    Note from Sarah: I absolutely will not condone or allow theft of intellectual property in any way, shape, or form, in my comments area or on my website. Calling it a “donation” does not make it ok.

  • VlooMan
    Posted at 12:45h, 23 July Reply

    Seems like someone got “inspired” by the original fix plugin – https://goo.gl/D54cWv 😉 At least you could bring something new to make it better than the original. Anyway, good luck with the forced donations 😉

    • Sarah Bailey
      Posted at 15:10h, 23 July Reply

      Dealt with this. Ugh.

      • VlooMan
        Posted at 15:14h, 23 July Reply

        Yeah, pretty disgusting… Thanks.

  • Google Chrome broke my wordpress website with https redirects | My-designer
    Posted at 22:12h, 23 July Reply

    […] several hours of panic, checking server configuration and unhappy customers, we found through THIS SITE that google chrome was the culprit. and that it was not going to be fixed till the 27th of July […]

  • Google Chrome broke my wordpress website with https redirects | My-Cloud.Agency
    Posted at 22:25h, 23 July Reply

    […] several hours of panic, checking server configuration and unhappy customers, we found through THIS SITE that google chrome was the culprit. and that it was not going to be fixed till the 27th of July […]

  • Luke
    Posted at 23:58h, 23 July Reply

    I made a WordPress plugin based off of the above comments which will also provide a fixed solution: https://wordpress.org/plugins/chrome-https-bug-fix-for-woocommerce
    I’ve noticed WooCommerce sites are more affected then the WordPress-only sites.

    • Gal
      Posted at 00:00h, 24 July Reply

      Its about time. Works great. Thanks!!!!

    • VlooMan
      Posted at 06:06h, 24 July Reply

      If the problem is caused by WooCommerce, there is no need for another plugin. Just update the WooCommerce to the latest version.

      • Marijn Kortstra
        Posted at 13:43h, 24 July Reply

        Well, it isn’t always possible to ‘just update’. The theme files need to be ready for all the changes, that is not something we can do for all our client websites, in a few days.

      • Luke
        Posted at 20:13h, 24 July Reply

        This issue also applies to non-WooCommerce sites and not all people can fix their site with the same method. Our WooCommerce and WordPress sites were up to date and still received the issue with Chrome, the plugin is our temporary fix until Chrome is fixed.

  • VlooMan
    Posted at 01:12h, 25 July Reply

    Hi all,

    Google Chrome released an official fix patch. Version 44.0.2403.107 (Win, Mac, Linux) fixes this behavior. So go ahead and update your browser. You should see an update already https://code.google.com/p/chromium/issues/detail?id=501842#c63

    Cheers

    • rbnz
      Posted at 05:20h, 25 July Reply

      I can’t tell it to all the people that come to visit my websites..

      • VlooMan
        Posted at 07:01h, 25 July Reply

        😀 😀 Of course you cannot 😀 😀 This was just a notification that Google solved the problem, so the number of affected visitors will decrease dramatically with every next day. You should keep the fix (if using any) a little more to ensure all visitors have a problem-free experience 😉

Leave a Reply