From the 2 URLs you show above, which one do you use as the $baseurl in the b2evolution configuration?

Does your reverse proxy translate all URLs in both directions or not?

The error you show contains [loginform] which is a very specific case. What if you try to navigate to other public pages of your blog? Can you make a test where the blog is set as public in b2evolution, not as private/require login. You want to isolate the problem of logging in from the problem of navigating the site.

Hi, you are right, the error message occurs after a login from behind the reverse proxy.
Pages without notification do work.
The reverse proxy translates urls in both direction, if the parser is able to recognise a url.
Sometimes, for instance in javascript, this is not possible, so extra rules must be defined to make a correct replacement

The login page has special javascript that tries to encrypt passwords before submitting the form. You may try to disable this. (It will be disabled by the LDAP plugin anyways because it needs clear passwords to check against the LDAP server). Disabling this in the core (user login settings) may reduce unneeded javascript loads and possible errors.

I'm not sure that's the issue though.

Can you also try posting a comment without being logged in?

Posting a comment should be using the same "crumb" system where it refuses to do an action if the client doesn't send back a crumb it previously got.

In this case I would say the problem is either:

• the crumbs are modified or filtered by the reverse proxy
• there is a cookie domain issue where cookies set by b2evolution don't get sent back to b2evolution (which would actually me my #1 suspect at this point)

The first problem happens when i want to look at a post.
The leave a comment form is not displayer. a sponge cursor with Form is loading.
The only anormal request I see in the logs of the WAM is a call to /browserconfig.xml.
So the url calling this file is not correctly translated.

sometimes, tools like this also use a control based on the referee page. for example if the site mysite.com on a page
mysite.com/sendform.php receives a POST for which the referer is not the same, ex myevilsite.com/sendflorm.php it rejects the POST.
I do not know if such a protection is used with b2evolution

b2evolution does //not// check the Referer, but it definitely requires a session cookie to be sent back.

/browserconfig.xml maight be an IE thing. It's not a b2evolution file.

There is an AJAX request to load the comment form indeed. In the case of an intranet (less spammers) you can disable this in the advanced settings of each collection.

You may however get the same issue again with AJAX features in the backoffice which may also need special handling for their URL to be translated.

PS: we updated http://b2evolution.net/man/intranet-setup