[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] empty c->{'host'} in Eprints 3.3.XX

Hi Yuri,

Thanks for the info.? I am no longer actively maintaining EPrints 3.3.x 
codebase but if you submit a pull request for this, I am happy to merge 
it into the https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002141982%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=U%2FkEFVEYrj4OuZrjbLTsY%2B%2BSB19IAzRVpOlIH6mUvHs%3D&reserved=0.

I can fix the DataCiteDOI plugin now that I am and admin on the 
eprintsug organisation.? So I will look into submitting a pull request 
for that and hopefully a reviewer, otherwise I will just merge it myself.

Regards

David Newman

On 05/09/2022 2:30 pm, Yuri via Eprints-tech wrote:
> *CAUTION:* This e-mail originated outside the University of Southampton.
>
> Hi!
>
> ?I've found 2 more places we had to overcome the missing c->{host}:
>
> ?in the repository config, cfg.d/misc.pl:
>
> change
>
> $c->{cookie_domain} = $c->{host};
>
> to
>
> $c->{cookie_domain} = $c->{securehost};
>
> If you've the DOI plugin:
>
> in cfg.d/z_datacitedoi.pl
>
> change
>
> $c->{datacitedoi}{repoid} = $c->{host};
>
> to
>
> $c->{datacitedoi}{repoid} = $c->{securehost};
>
>
> The only other part where c->{host} is used is:
>
> perl_lib/EPrints/Repository.pm:??? ??? scheme => ($config->{host} ? 
> "http" : "https"), (but this should be ok because it will default to 
> https)
>
> and Sword which I don't use.
>
>
> also there's
>
> perl_lib/EPrints/URL.pm:??? $opts{host} = "" unless defined $opts{host};
>
> But I think that opts{host} will be set to https by the caller.
>
>
> Thanks!
>
> Il 08/08/22 10:34, Yuri via Eprints-tech ha scritto:
>> *CAUTION:* This e-mail originated outside the University of Southampton.
>>
>>
>> Il 08/08/22 09:54, David R Newman ha scritto:
>>>
>>> Hi Yuri,
>>>
>>> If you were in EPrints 3.4.1 onwards then you could just unset 
>>> $c->{host}.? However, there are some Bazaar plugins that rely on 
>>> $c->{host} being set, so you would need to check to make sure 
>>> $c->{host} was not used directly anywhere and update appropriately 
>>> to use $c->{securehost}.
>>>
>>> If you are still on 3.3.x, then the best plan is to manually set 
>>> various URLs through configuration:
>>>
>>> $c->{http_url} = $c->{base_url};
>>>
>>> $c->{http_cgiurl} = $c->{perl_url};
>>>
>>
>> It is Eprints 3.3.15.
>>
>> What happen if I don't set these? It seems to work, only 
>> c->{'frontpage'} is set only from http_url, the other uses ||= to get 
>> the value from other variables.
>>
>> But I agree it is better to set them!
>>
>>
>>> I think you should have a cfg/cfg.d/20_baseurls.pl in you archive, 
>>> if so just add these links after the lines that set the 
>>> $c->{base_url} and $c->{perl_url} variables.? However, this will 
>>> only work if you have a recent version of 20_baseurls.pl, which 
>>> prioritises HTTPS over HTTP:
>>>
>>> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints%2Fblob%2F3.3%2Flib%2Fdefaultcfg%2Fcfg.d%2F20_baseurls.pl&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002141982%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=9GPdlaapz9GcG57VYr7U4z2ybRYYeSCg82uAM748%2BP8%3D&reserved=0
>>>
>> Yes, it is. I'll do this.
>>
>>
>>> Also, using a copy of 20_baseurls.pl above with the changes I 
>>> suggested will also only work if $c->{securehost} is set in a file 
>>> that is loaded before 20_baseurls.pl (e.g. 10_core.pl).
>>>
>> It is set in 10_core.pl so it should be ok.
>>
>>
>>> If you have $c->{securehost} defined in https.pl, (which seems quite 
>>> common), you are best renaming this to 15_https.pl.? Once you have 
>>> got the appropriate changes in place, it is probably worth running 
>>> generate_apacheconf and generate_static, although I don't think the 
>>> former should be needed.? Then when you are happy that static pages 
>>> no longer have any HTTP URLs, (by testing in your web browser), it 
>>> is worth running "epadmin refresh_abstracts" and "epadmin 
>>> refresh_views" to clear HTTP URLs from those pages as well.
>>>
>>> Regards
>>>
>>> David Newman
>>>
>>>
>>> On 08/08/2022 8:02 am, Yuri via Eprints-tech wrote:
>>>> CAUTION: This e-mail originated outside the University of Southampton.
>>>>
>>>> Hi!
>>>>
>>>>    I would like to totally switch to https. I've managed most of the
>>>> redirects at apache level and it works but, for example, the export for
>>>> in views (/cgi/exportview) still point to http, as various backend urls.
>>>> Redirects are not perfect because when cgi is involved the browser will
>>>> prompt a secure warning because the form will go in http (before
>>>> redirect). Looking at the code, seems possible to have only securehost
>>>> set and c->{'host'} commented. Will this work or there will be any issue?
>>>>
>>>>
>>>> *** Options:http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
>>>> *** Archive:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002298662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=UbVBWyTZGgoQWKe9OCt3OOrPfvyflBfVgCPqbekmiXQ%3D&reserved=0
>>>> *** EPrints community wiki:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002298662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vWRu2ZWixGGsEPAQAt88O3mGFThsEpJ0ZQMR3b1HKOM%3D&reserved=0
>>
>> *** Options:http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
>> *** Archive:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002298662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=UbVBWyTZGgoQWKe9OCt3OOrPfvyflBfVgCPqbekmiXQ%3D&reserved=0
>> *** EPrints community wiki:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002298662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vWRu2ZWixGGsEPAQAt88O3mGFThsEpJ0ZQMR3b1HKOM%3D&reserved=0
>
> *** Options:http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002298662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=UbVBWyTZGgoQWKe9OCt3OOrPfvyflBfVgCPqbekmiXQ%3D&reserved=0
> *** EPrints community wiki:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C3b9702e1e8a949abf84f08da8f49b70a%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637979844002298662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vWRu2ZWixGGsEPAQAt88O3mGFThsEpJ0ZQMR3b1HKOM%3D&reserved=0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20220905/7123c33a/attachment-0001.html