[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] Any issues under SSL?



Hi Alan,

I believe this is now fixed in the latest GitHub commit for?https://git
hub.com/eprints/eprints? I raised this as an issue?https://github.com/e
prints/eprints/issues/466

John: I wanted to be careful not to change anything other than the img
element src URLs, as I was unsure whether changing the URI for an EPM
?from http://bazaar.eprints.org/... to https might cause problems. ?So
my fix literally on modifies these URLs to https and only when the
original request for the Admin::EPM Screen plugin was over https.

Regards

David Newman?


On Thu, 2017-10-19 at 10:55 +0000, Alan.Stiles wrote:
> Thanks David / John,
> I can see that the verb image URIs are stored in the epmi files for
> the plugins I have installed.? I?m guessing the available-tab verb-
> entries are getting that URIvalue from the bazaar during the ajax
> call?
> I?ve already tried changing the source URI in cfg.d/epm.pl to use
> https
> I suppose one option would be to amend the render function for the
> EPM to replace the protocol with the value from the current view (or
> just https as it?s available?)
> ?
> Alan
> ?
> ?
> From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounc
> es at ecs.soton.ac.uk] On Behalf Of John Salter
> Sent: 19 October 2017 09:38
> To: eprints-tech at ecs.soton.ac.uk
> Subject: Re: [EP-tech] Any issues under SSL?
> ?
> I've seen this too.
> I wonder whether updating
> [EPRINTS_ROOT]/archives/[ARCHIVEID]/cfg/cfg.d/epm.pl to set the base
> URL of the Bazaar to be https would help?
> ?
> On a related note, EPrints 3.3.10, over https, the fileicons are
> served over http (EPrints::DataObj::Document::icon_url check for
> $session->{preparing_static_page}, and uses http_url to construct the
> URL).
> ?
> One way to resolve this is to unset $c->{host}, and just have $c-
> >{securehost} set - but I'm not sure if this introduces other issues.
> ?
> Anyone else got a better resolution for this? (I know issuing an HSTS
> header would solve it in practical terms, but I'd like EPrint to emit
> the right URL anyway).
> ?
> Cheers,
> John
> ?
> From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounc
> es at ecs.soton.ac.uk] On Behalf Of David R Newman
> Sent: 19 October 2017 09:12
> To: eprints-tech at ecs.soton.ac.uk
> Subject: Re: [EP-tech] Any issues under SSL?
> ?
> Hi Alan,
> Yes, I see this issue to when I click on the Available tab and it
> loads things through from the Bazaar.? bazaar.eprints.org is fully
> SSL enabled, so it should be possible to fix a file somewhere on your
> local repository.? I am not sure which file yet.? However, when I do
> I will get back to you and also submit a patch so other can fix
> this.? It looks like it is probably a one liner.
> Regards
> David Newman
> EPrints Services
> On 19/10/2017 08:54, Alan.Stiles wrote:
> Hi all,
> For anyone running under SSL, do you have any errors flagged about
> mixed content when using the bazaar?? My test setup complains that
> the verb images (e.g. ?One-click Install? or ?for data?) are all
> coming from http://bazaar.eprints.org. ?Have you implemented a local
> fix or just ignore it as it only really affects you?
> ?
> Thanks,
> Alan
> -- The Open University is incorporated by Royal Charter (RC 000391),
> an exempt charity in England & Wales and a charity registered in
> Scotland (SC 038302). The Open University is authorised and regulated
> by the Financial Conduct Authority in relation to its secondary
> activity of credit broking.?
> 
> 
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-
> tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
> ?
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-
> tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/