EPrints Technical Mailing List Archive

Message: #09439

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Mixed Content

Hi Maher,

What you want to do (as you are running pre 3.4.1)  you will need to change the default scheme and then manually set the HTTP URLs settings in lib/cfg.d/20_baseurls.pl.   So first make sure the block of code that sets the default scheme looks like this (and defaults to HTTPS):

        my $uri = URI->new( "http://" );
        if( EPrints::Utils::is_set( $c->{securehost} ) )
        {
                $uri->scheme( "https" );
                $uri->host( $c->{securehost} );
                $uri->port( $c->{secureport} );
                $uri = $uri->canonical;
                $uri->path( $c->{https_root} );
        }
        else
        {
                $uri->scheme( "http" );
                $uri->host( $c->{host} );
                $uri->port( $c->{port} );
                $uri = $uri->canonical;
                $uri->path( $c->{http_root} );
        }

Then below this and after the settings for base_url and perl_url add:

$c->{http_url} = "$uri";
$c->{http_cgiurl} = "$uri/cgi";

Once you are done run "epadmin test".  Then reload the webserver.  Also to make sure caches are clear be sure to run "epadmin refresh_views", "epadmin refresh_abstracts" and "generate_static" before testing pages to make sure mixed content warnings have been fixed.  EPrints 3.4.1 (official release) has fixed many of the mixed content warnings if you had the correct config.  However, it was not until later versions where some outstanding issues were fixed and the need to manually set http_url and http_cgiurl was no longer needed.

Regards

David Newman

On 01/10/2023 2:37 pm, Maher Abdellatif Ahmad Qahwash wrote:
CAUTION: This e-mail originated outside the University of Southampton.
CAUTION: This e-mail originated outside the University of Southampton.

Internal

 

Hi

 

We are running eprints 3.4.1 rc2, only recently for some reason users are facing issues when uploading a file.  The following error is generated:

 

/cgi/users/home?screen=EPrint::Edit&eprintid=142511&stage=files#t:1 Mixed Content: The page at 'https://eprints.kfupm.edu.sa/cgi/users/home?screen=EPrint::Edit&eprintid=142511&stage=files#t' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://eprints.kfupm.edu.sa/cgi/users/home?csrf_token=1696158508%3A255c5c0055815c8209be816b4315cacf&screen=EPrint%3A%3AEdit&eprintid=142511&stage=files&c2_Screen%3A%3AEPrint%3A%3AUploadMethod%3A%3AURL_url=&component=c3&c3_export=119081'. This request has been blocked; the content must be served over HTTPS.

 

Could you please mention which file we should check.

 

Thanks,

Maher

 

This message is marked for Internal university use only. Not to be circulated outside KFUPM.


*** Options: https://wiki.eprints.org/w/Eprints-tech_Mailing_List
*** Archive: https://www.eprints.org/tech.php/
*** EPrints community wiki: https://wiki.eprints.org/