EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #04473


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Problems having the secure.xml template loaded OR How to get a different $config{base_url} for secure connections?


Hi,

please could someone point me to where in the codebase EPrints decides to load either of default.xml or secure.xml template? Failed to grep that place in order to find out what the exact conditions are.

What I am struggling with is to load local asset files (.css, .js). If the connection is secure because the client is logged in, Firefox seems to happily load these files into cache as Firebug shows, but refuses to use them. That's apparently why the user area is styled with bare browser-defaults, while in the public pages the styles are applied properly.

Firebug allows to change the loaded code on the fly. By fixing the urls, I get some style afterwards. Not everything, to fix this may be yet another issue when I have solved the basic one.

We have different hosts for insecure and secure connections, and different http(s)_roots too: https requires loading from a subpath on another vhost, while http is served directly from the official domain. This setup seems to be too exotic for the current implementation. Because EPrints urls are variadic in regard to hierarchy depth, the paths cannot be indicated relative or absolute-on-same-domain in the template (at least not without dirty methods asking for trouble).

If the default.xml vs. secure.xml template distinction is deprecated, I didn't find a hint in the changelogs. As a work-around I considered to define a different $config{base_url} when the connection is secure, but in cfg.d/session.pl file, can't I use $session->get_secure to get a session-restricted base_url for template rendering?

Following has no effect:

$c->{session_init} = sub {
    my ($session, $offline) = @_;
    $c->{base_url} = $c->{https_root} if $session->get_secure;
};


Kind regards
Florian

--
UB Heidelberg (Altstadt)
Plöck 107-109, 69117 HD
Abt. Informationstechnik
http://www.ub.uni-heidelberg.de/