NetSuite Changelog
CommerceSecurityBest PracticesHow-ToSuiteCommerceIntegration

Mixed Domains Management on Local Servers in NetSuite

Mixed domains in local server environments can lead to production page loads during redirection, causing potential security issues.

·2 min read·1 views·View Oracle Docs

When testing on a local server, handling mixed domains is crucial. The application typically loads the production version of a page when redirecting between domains, which may lead to issues during development.

For example, if you start on the local version of the Shopping domain using the shopping-local.ssp URL and then log in, you'll be redirected to the production version at my-account.ssp. To revert to the local version, you must manually change the URL:

Change:

https://checkout.netsuite.com/c.xxxxxxx/sca-dev-denali/my_account.ssp?n=3

To:

https://checkout.netsuite.com/c.xxxxxxx/sca-dev-denali/my_account-local.ssp?n=3

Common Errors

When manually updating this URL, certain browsers, like Chrome, may present a blank page accompanied by console errors. A common error might be:

html
Mixed Content: The page at 'https://checkout.netsuite.com/c.xxxxxx/sca-dev-denali/my_account-local.ssp?n=3' was loaded over HTTPS, but requested an insecure stylesheet 'http://localhost:7777/css/myaccount.css'. This request has been blocked; the content must be served over HTTPS.

To mitigate this issue in Chrome, you can click on the shield icon in the address bar and select Load unsafe scripts to load the page correctly. This action permits some insecure content to be displayed alongside secure content.

Alternative Solutions

You can also:

  • Launch Chrome with the --allow-running-insecure-content flag to disable content security temporarily.
  • Install SSL certificates on your local web server to enable secure data transfer.

By correctly managing these mixed domains, developers can ensure smoother transitions during testing and avoid potential security pitfalls.

Frequently Asked Questions (4)

How can I handle mixed domain redirects during local server testing in NetSuite?
When redirected from a local shopping domain to a production version, manually change the URL to revert to the local version, ensuring the domain is set to end with '-local.ssp'.
What should I do if Chrome displays a blank page with console errors during testing?
This might occur due to mixed content errors. You can click the shield icon in Chrome's address bar and select 'Load unsafe scripts' to allow insecure content.
Are there permanent solutions to handle mixed content issues in NetSuite local testing?
You can launch Chrome with '--allow-running-insecure-content' or install SSL certificates on your local web server to ensure secure data transfer.
Does enabling the 'Load unsafe scripts' option in Chrome affect security during local testing?
Yes, this option temporarily allows insecure content, which can help during testing, but be cautious as it may expose some security vulnerabilities.
Source: Mixed Domains in a Local Server Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in Commerce

View all Commerce articles →