EPrints Technical Mailing List Archive

Message: #06890

Re: [EP-tech] Any issues under SSL?

To: "eprints-tech@ecs.soton.ac.uk" <eprints-tech@ecs.soton.ac.uk>
Subject: Re: [EP-tech] Any issues under SSL?
From: "Alan.Stiles" <alan.stiles@open.ac.uk>
Date: Thu, 19 Oct 2017 10:55:22 +0000

Thanks David / John,

I can see that the verb image URIs are stored in the epmi files for the plugins I have installed. I’m guessing the available-tab verb-entries are getting that URIvalue from the bazaar during the ajax call?

I’ve already tried changing the source URI in cfg.d/epm.pl to use https

I suppose one option would be to amend the render function for the EPM to replace the protocol with the value from the current view (or just https as it’s available?)

Alan

From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of John Salter
Sent: 19 October 2017 09:38
To: eprints-tech@ecs.soton.ac.uk
Subject: Re: [EP-tech] Any issues under SSL?

I've seen this too.

I wonder whether updating [EPRINTS_ROOT]/archives/[ARCHIVEID]/cfg/cfg.d/epm.pl to set the base URL of the Bazaar to be https would help?

On a related note, EPrints 3.3.10, over https, the fileicons are served over http (EPrints::DataObj::Document::icon_url check for $session->{preparing_static_page}, and uses http_url to construct the URL).

One way to resolve this is to unset $c->{host}, and just have $c->{securehost} set - but I'm not sure if this introduces other issues.

Anyone else got a better resolution for this? (I know issuing an HSTS header would solve it in practical terms, but I'd like EPrint to emit the right URL anyway).

Cheers,

John

From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of David R Newman
Sent: 19 October 2017 09:12
To: eprints-tech@ecs.soton.ac.uk
Subject: Re: [EP-tech] Any issues under SSL?

Hi Alan,

Yes, I see this issue to when I click on the Available tab and it loads things through from the Bazaar. bazaar.eprints.org is fully SSL enabled, so it should be possible to fix a file somewhere on your local repository. I am not sure which file yet. However, when I do I will get back to you and also submit a patch so other can fix this. It looks like it is probably a one liner.

Regards

David Newman

EPrints Services

On 19/10/2017 08:54, Alan.Stiles wrote:

Hi all,

For anyone running under SSL, do you have any errors flagged about mixed content when using the bazaar? My test setup complains that the verb images (e.g. ‘One-click Install’ or ‘for data’) are all coming from http://bazaar.eprints.org. Have you implemented a local fix or just ignore it as it only really affects you?

Thanks,

Alan

-- The Open University is incorporated by Royal Charter (RC 000391), an exempt charity in England & Wales and a charity registered in Scotland (SC 038302). The Open University is authorised and regulated by the Financial Conduct Authority in relation to its secondary activity of credit broking.
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/

References:
- [EP-tech] Any issues under SSL?
  - From: "Alan.Stiles" <alan.stiles@open.ac.uk>
- Re: [EP-tech] Any issues under SSL?
  - From: David R Newman <drn@ecs.soton.ac.uk>
- Re: [EP-tech] Any issues under SSL?
  - From: John Salter <J.Salter@leeds.ac.uk>

Prev by Date: Re: [EP-tech] Issue installing IRStats
Next by Date: Re: [EP-tech] Any issues under SSL?
Previous by thread: Re: [EP-tech] Any issues under SSL?
Next by thread: Re: [EP-tech] Any issues under SSL?
Index(es):
- Date
- Thread