I've seen this too.

I wonder whether updating [EPRINTS_ROOT]/archives/[ARCHIVEID]/cfg/cfg.d/epm.pl to set the base URL of the Bazaar to be https would help?

 

On a related note, EPrints 3.3.10, over https, the fileicons are served over http (EPrints::DataObj::Document::icon_url check for $session->{preparing_static_page}, and uses http_url to construct the URL).

 

One way to resolve this is to unset $c->{host}, and just have $c->{securehost} set - but I'm not sure if this introduces other issues.

 

Anyone else got a better resolution for this? (I know issuing an HSTS header would solve it in practical terms, but I'd like EPrint to emit the right URL anyway).

 

Cheers,

John

 

 

Hi Alan,

Yes, I see this issue to when I click on the Available tab and it loads things through from the Bazaar.  bazaar.eprints.org is fully SSL enabled, so it should be possible to fix a file somewhere on your local repository.  I am not sure which file yet.  However, when I do I will get back to you and also submit a patch so other can fix this.  It looks like it is probably a one liner.

Regards

David Newman

EPrints Services

Hi all,

For anyone running under SSL, do you have any errors flagged about mixed content when using the bazaar?  My test setup complains that the verb images (e.g. ‘One-click Install’ or ‘for data’) are all coming from http://bazaar.eprints.org.  Have you implemented a local fix or just ignore it as it only really affects you?

 

Thanks,

Alan

-- The Open University is incorporated by Royal Charter (RC 000391), an exempt charity in England & Wales and a charity registered in Scotland (SC 038302). The Open University is authorised and regulated by the Financial Conduct Authority in relation to its secondary activity of credit broking.

*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech

*** Archive: http://www.eprints.org/tech.php/

*** EPrints community wiki: http://wiki.eprints.org/

*** EPrints developers Forum: http://forum.eprints.org/