EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #06891


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Any issues under SSL?


Hi Alan,

I believe this is now fixed in the latest GitHub commit for https://git
hub.com/eprints/eprints  I raised this as an issue https://github.com/e
prints/eprints/issues/466

John: I wanted to be careful not to change anything other than the img
element src URLs, as I was unsure whether changing the URI for an EPM
 from http://bazaar.eprints.org/... to https might cause problems.  So
my fix literally on modifies these URLs to https and only when the
original request for the Admin::EPM Screen plugin was over https.

Regards

David Newman 


On Thu, 2017-10-19 at 10:55 +0000, Alan.Stiles wrote:
> Thanks David / John,
> I can see that the verb image URIs are stored in the epmi files for
> the plugins I have installed.  I’m guessing the available-tab verb-
> entries are getting that URIvalue from the bazaar during the ajax
> call?
> I’ve already tried changing the source URI in cfg.d/epm.pl to use
> https
> I suppose one option would be to amend the render function for the
> EPM to replace the protocol with the value from the current view (or
> just https as it’s available?)
>  
> Alan
>  
>  
> From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounc
> es@ecs.soton.ac.uk] On Behalf Of John Salter
> Sent: 19 October 2017 09:38
> To: eprints-tech@ecs.soton.ac.uk
> Subject: Re: [EP-tech] Any issues under SSL?
>  
> I've seen this too.
> I wonder whether updating
> [EPRINTS_ROOT]/archives/[ARCHIVEID]/cfg/cfg.d/epm.pl to set the base
> URL of the Bazaar to be https would help?
>  
> On a related note, EPrints 3.3.10, over https, the fileicons are
> served over http (EPrints::DataObj::Document::icon_url check for
> $session->{preparing_static_page}, and uses http_url to construct the
> URL).
>  
> One way to resolve this is to unset $c->{host}, and just have $c-
> >{securehost} set - but I'm not sure if this introduces other issues.
>  
> Anyone else got a better resolution for this? (I know issuing an HSTS
> header would solve it in practical terms, but I'd like EPrint to emit
> the right URL anyway).
>  
> Cheers,
> John
>  
> From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounc
> es@ecs.soton.ac.uk] On Behalf Of David R Newman
> Sent: 19 October 2017 09:12
> To: eprints-tech@ecs.soton.ac.uk
> Subject: Re: [EP-tech] Any issues under SSL?
>  
> Hi Alan,
> Yes, I see this issue to when I click on the Available tab and it
> loads things through from the Bazaar.  bazaar.eprints.org is fully
> SSL enabled, so it should be possible to fix a file somewhere on your
> local repository.  I am not sure which file yet.  However, when I do
> I will get back to you and also submit a patch so other can fix
> this.  It looks like it is probably a one liner.
> Regards
> David Newman
> EPrints Services
> On 19/10/2017 08:54, Alan.Stiles wrote:
> Hi all,
> For anyone running under SSL, do you have any errors flagged about
> mixed content when using the bazaar?  My test setup complains that
> the verb images (e.g. ‘One-click Install’ or ‘for data’) are all
> coming from http://bazaar.eprints.org.  Have you implemented a local
> fix or just ignore it as it only really affects you?
>  
> Thanks,
> Alan
> -- The Open University is incorporated by Royal Charter (RC 000391),
> an exempt charity in England & Wales and a charity registered in
> Scotland (SC 038302). The Open University is authorised and regulated
> by the Financial Conduct Authority in relation to its secondary
> activity of credit broking. 
> 
> 
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-
> tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
>  
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-
> tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/