[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] empty c->{'host'} in Eprints 3.3.XX



Hi Yuri,

If you were in EPrints 3.4.1 onwards then you could just unset 
$c->{host}.? However, there are some Bazaar plugins that rely on 
$c->{host} being set, so you would need to check to make sure $c->{host} 
was not used directly anywhere and update appropriately to use 
$c->{securehost}.

If you are still on 3.3.x, then the best plan is to manually set various 
URLs through configuration:

$c->{http_url} = $c->{base_url};

$c->{http_cgiurl} = $c->{perl_url};

I think you should have a cfg/cfg.d/20_baseurls.pl in you archive, if so 
just add these links after the lines that set the $c->{base_url} and 
$c->{perl_url} variables.? However, this will only work if you have a 
recent version of 20_baseurls.pl, which prioritises HTTPS over HTTP:

https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints%2Fblob%2F3.3%2Flib%2Fdefaultcfg%2Fcfg.d%2F20_baseurls.pl&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cc6bc4a97e14442e6f81708da79133961%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637955420746004261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=XnGUWtmX0aFt1A5LNFSHF%2FBxhTd5SoRaDFudIXjKAcw%3D&reserved=0

Also, using a copy of 20_baseurls.pl above with the changes I suggested 
will also only work if $c->{securehost} is set in a file that is loaded 
before 20_baseurls.pl (e.g. 10_core.pl).? If you have $c->{securehost} 
defined in https.pl, (which seems quite common), you are best renaming 
this to 15_https.pl.? Once you have got the appropriate changes in 
place, it is probably worth running generate_apacheconf and 
generate_static, although I don't think the former should be needed. 
Then when you are happy that static pages no longer have any HTTP URLs, 
(by testing in your web browser), it is worth running "epadmin 
refresh_abstracts" and "epadmin refresh_views" to clear HTTP URLs from 
those pages as well.

Regards

David Newman


On 08/08/2022 8:02 am, Yuri via Eprints-tech wrote:
> CAUTION: This e-mail originated outside the University of Southampton.
>
> Hi!
>
>    I would like to totally switch to https. I've managed most of the
> redirects at apache level and it works but, for example, the export for
> in views (/cgi/exportview) still point to http, as various backend urls.
> Redirects are not perfect because when cgi is involved the browser will
> prompt a secure warning because the form will go in http (before
> redirect). Looking at the code, seems possible to have only securehost
> set and c->{'host'} commented. Will this work or there will be any issue?
>
>
> *** Options:http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cc6bc4a97e14442e6f81708da79133961%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637955420746004261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=8w%2FNhEN3KkNcq9Pal6yeZSEeYUdt%2BJLbzo%2Ffkm9XSr0%3D&reserved=0
> *** EPrints community wiki:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cc6bc4a97e14442e6f81708da79133961%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637955420746004261%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=pFKude4ibajQK6Jf7X0vxfYM%2B6Fiqa%2Bxm6qj0Bqd4wY%3D&reserved=0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20220808/5f45c9b8/attachment.html