We installed EPiServer.Marketing.Testing 2.3.0 to use A/B testing on our website.
The A/B testing tool seem to be calling http://[hostname]/api/episerver/testing/UpdateClientConversion when a page is visited.
However, our website is running on HTTPS, so the above request is not permitted:
Mixed Content: The page at 'https://[hostname]/[path]/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://[hostname]/api/episerver/testing/UpdateClientConversion'. This request has been blocked; the content must be served over HTTPS.
Can we confugure this somewhere, or does the A/B testing plugin not support HTTPS?
Thanks for bringing this to our attention. It appears that the client side KPI's have the issue of using HTTP exclusively instead of detecting the current protocol and using that. This should only affect the client side KPI types (Time on Page goal for the out of the box KPI's). Server side KPI's should work as expected within an HTTPS only environment. I will add this into the backlog to be fixed ASAP.
Hi Jason. Thank you for the response. If the "Time on Page" KPI is the only goal that is affected by this, the impact is limited. I would love to get an update when the fix has been applied though, or at least to know in which version you expect it to be fixed.
The fix will be in the next release of the AB package v2.3.1. I expect it to be verified next week (if all goes well) and should be available after the following Monday (May 29).
Thank you! :)
@Jason When will v. 2.3.1 be released as a Nuget package? I don't see it yet.
We found a small issue late last week that held up our package. It is fixed up now though, so it should be out Monday.
Sorry for the delay,
Ok - thanks for the update.
Hi Dennis, A/B testing 2.3.1 is out on the NuGet feed now.
Thank you Asa! :)