Written by James McDonald

May 15, 2023

Uncaught (in promise) DOMException: Failed to execute 'pushState' on 'History': A history state object with URL 'http://example.com.au/dev/despatch' cannot be created in a document with origin 'https://example.com.au' and URL 'https://example.com.au/dev/despatch'.

I got the above error when attempting to click an Inertia JS Link.

The problem ended up being that I had

<CakePHP 4 Web Application Served via HTTP>—<Ha Proxy terminating HTTPS>—-Web Client

The issue was CakePHP 4 was creating a full URL but it was http://example.com/dev/despatch

 return Router::url($this->getRequest()->getRequestTarget(), true);

To fix it I modified the $fullBaseUrl code in config/bootstrap.php to detect the front end proxy via a header as follows:

 * Set the full base URL.
 * This URL is used as the base of all absolute links.

// mine is set to App.fullBaseUrl = false;
$fullBaseUrl = Configure::read('App.fullBaseUrl');

if (!$fullBaseUrl) {
    $s = null;
    // HaProxy is passing HTTP_X_FORWARDED_PROTO header back to CakePHP 4
    // read it and change scheme to https
    if (env('HTTPS') || env('HTTP_X_FORWARDED_PROTO') === 'https') {
        $s = 's';

    $httpHost = env('HTTP_HOST');
    if (isset($httpHost)) {
        $fullBaseUrl = 'http' . $s . '://' . $httpHost;
    unset($httpHost, $s);

if ($fullBaseUrl) {

Now it correctly sets the Full Base URL and no longer has the front end error as above.


Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Meraki Open Source Licenses

Until today I assumed that Meraki was built in-house with only closed source software. But having a look at the...


If you have Veeam backup failing with the Updating BCD failed with Cannot update SafeBoot flag and SentinelOne is...