[Bug 11358] New: Use Amazon's HTTPS URLs for covers when using HTTPS in Koha.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Bug ID: 11358 Summary: Use Amazon's HTTPS URLs for covers when using HTTPS in Koha. Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: OPAC Assignee: oleonard@myacpl.org Reporter: fcapovilla@live.ca QA Contact: testopia@bugs.koha-community.org Created attachment 23361 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=23361&action=edit Use HTTPS Amazon images when Koha is using HTTPS. This patch checks if the Koha instance is using HTTPS and uses Amazon's HTTPS urls when adding Amazon cover images to the pages. Sponsored-by: CCSR ( http://www.ccsr.qc.ca ) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Frédérick Capovilla <fcapovilla@live.ca> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |Needs Signoff Patch complexity|--- |Medium patch Change sponsored?|--- |Sponsored -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |katrin.fischer@bsz-bw.de --- Comment #1 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Hi Frederick, I think this might be a duplicate - bug 10944 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Liz Rea <liz@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |liz@catalyst.net.nz --- Comment #2 from Liz Rea <liz@catalyst.net.nz> --- it's not entirely duplicate - he covers some things we didn't cover in the other patch - such as shelves and lists and such. Reconcile this one with that and we should have complete coverage of ssl for amazon on the opac. Liz -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 M. Tompsett <mtompset@hotmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mtompset@hotmail.com --- Comment #3 from M. Tompsett <mtompset@hotmail.com> --- There is no test plan. A thorough test plan speeds sign offs, Frédérick. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Koha Team Lyon 3 <koha@univ-lyon3.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Patch doesn't apply CC| |koha@univ-lyon3.fr --- Comment #4 from Koha Team Lyon 3 <koha@univ-lyon3.fr> --- <h1>Something went wrong !</h1>Applying: Use HTTPS Amazon images when Koha is using HTTPS. Using index info to reconstruct a base tree... <stdin>:67: trailing whitespace. if ((this.src.indexOf('images.amazon.com') >= 0) || (this.src.indexOf('g-images.amazon.com') >=0) <stdin>:68: trailing whitespace. || (this.src.indexOf('syndetics.com') >=0) || (this.src.indexOf('images-na.ssl-images-amazon.com') >= 0)) { <stdin>:227: trailing whitespace. if ((this.src.indexOf('images.amazon.com') >= 0) || (this.src.indexOf('g-images.amazon.com') >=0) <stdin>:228: trailing whitespace. || (this.src.indexOf('syndetics.com') >=0) || (this.src.indexOf('images-na.ssl-images-amazon.com') >= 0)) { <stdin>:253: trailing whitespace. if ((this.src.indexOf('images.amazon.com') >= 0) || (this.src.indexOf('g-images.amazon.com') >=0) warning: squelched 3 whitespace errors warning: 8 lines add whitespace errors. Falling back to patching base and 3-way merge... Auto-merging koha-tmpl/intranet-tmpl/prog/en/css/staff-global.css Auto-merging koha-tmpl/intranet-tmpl/prog/en/includes/doc-head-close.inc Auto-merging koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/detail.tt CONFLICT (content): Merge conflict in koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/detail.tt Auto-merging koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt CONFLICT (content): Merge conflict in koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt Auto-merging koha-tmpl/opac-tmpl/prog/en/modules/opac-detail.tt CONFLICT (content): Merge conflict in koha-tmpl/opac-tmpl/prog/en/modules/opac-detail.tt Auto-merging koha-tmpl/opac-tmpl/prog/en/modules/opac-opensearch.tt Auto-merging koha-tmpl/opac-tmpl/prog/en/modules/opac-readingrecord.tt CONFLICT (content): Merge conflict in koha-tmpl/opac-tmpl/prog/en/modules/opac-readingrecord.tt Auto-merging koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt CONFLICT (content): Merge conflict in koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt Auto-merging koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tt Auto-merging koha-tmpl/opac-tmpl/prog/en/modules/opac-user.tt CONFLICT (content): Merge conflict in koha-tmpl/opac-tmpl/prog/en/modules/opac-user.tt . -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com --- Comment #5 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Did this get folded into bug 10944 in the end? i.e. is this closable a duplicate fixed? -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 --- Comment #6 from M. Tompsett <mtompset@hotmail.com> --- (In reply to Martin Renvoize from comment #5)
Did this get folded into bug 10944 in the end? i.e. is this closable a duplicate fixed?
Partially. I started looking that the Splinter Review between the two and noticed koha-tmpl/opac-tmpl/prog/en/modules/opac-detail.tt differs. This one has more! This should be reworked conflict free and a full testing plan given, in my opinion. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |Academy --- Comment #7 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- This might be another good one for the Academy, marking as such.. Hopefully it's not too difficult to pull out the missing bits so the patch applies again... and get to the bottom of what this patch attempts to achieve that differs to the related bug. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |http://bugs.koha-community. | |org/bugzilla3/show_bug.cgi? | |id=10944 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |10944 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 --- Comment #8 from Justin Vos <justinvos@live.com> --- Created attachment 35264 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=35264&action=edit Bug: 11358 - Use HTTPS Amazon images when Koha is using HTTPS. We've tried to fix the conflicts, not entirely sure if correct, please test thoroughly. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Justin Vos <justinvos@live.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Patch doesn't apply |Needs Signoff CC| |justinvos@live.com -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Blou <philippe.blouin@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |eric.begin@inLibro.com, | |francois.charbonnier@inlibr | |o.com, | |marjorie.barry-vila@ccsr.qc | |.ca, | |philippe.blouin@inlibro.com -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Blou <philippe.blouin@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #23361|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 --- Comment #9 from Blou <philippe.blouin@inlibro.com> --- I obsolete the old patch, as it is my understanding the new patch REPLACES it. Anyway, otherwise, it is virtually impossible to apply the old one. This remains to be tested/signed off. We'll test it, but as the sponsor, we can't sign it off. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Mirko Tietgen <mirko@abunchofthings.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mirko@abunchofthings.net --- Comment #10 from Mirko Tietgen <mirko@abunchofthings.net> --- This needs a rebase. Applying: Bug: 11358 - Use HTTPS Amazon images when Koha is using HTTPS. Using index info to reconstruct a base tree... Falling back to patching base and 3-way merge... Auto-merging koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt CONFLICT (content): Merge conflict in koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt Auto-merging koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/detail.tt CONFLICT (content): Merge conflict in koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/detail.tt Auto-merging koha-tmpl/intranet-tmpl/prog/en/includes/doc-head-close.inc Auto-merging koha-tmpl/intranet-tmpl/prog/en/css/staff-global.css Failed to merge in the changes. Patch failed at 0001 Bug: 11358 - Use HTTPS Amazon images when Koha is using HTTPS. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Mirko Tietgen <mirko@abunchofthings.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Patch doesn't apply -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 M. Tompsett <mtompset@hotmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |http://bugs.koha-community. | |org/bugzilla3/show_bug.cgi? | |id=11982 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 --- Comment #11 from M. Tompsett <mtompset@hotmail.com> --- Looking further, the lack of test plan seems to highlight the issues still outstanding. There are https lack of use in the staff client. There is at least one https use of amazon images not changed in OPAC. Even if this was rebased, I think there are problems. So, whoever fixes this first, please include a test plan. Some of these changes are pointless in functionality, because you can access https on an http page without triggering security issues but not the other way around. Sometimes it is just better to https all the time. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Charles Farmer <charles.farmer@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Patch doesn't apply |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Charles Farmer <charles.farmer@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #35264|0 |1 is obsolete| | --- Comment #12 from Charles Farmer <charles.farmer@inlibro.com> --- Created attachment 45182 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45182&action=edit Bug: 11358 - Use HTTPS Amazon images everywhere Tried to solve the conflicts. Additionnaly, edited files that were still using "http://images.amazon.com". Please test thoroughly. Using HTTPS on an HTTP page shouldn't trigger security issues. I pruned some templates to use HTTPS whenever we're fetching an image from Amazon instead of switching on the using_https variable. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 --- Comment #13 from M. Tompsett <mtompset@hotmail.com> --- (In reply to Charles Farmer from comment #12)
Please test thoroughly.
Can't test thoroughly WITHOUT A TEST PLAN. See comment #3, comment #6, comment #11. I keep asking for one, and keep not getting one. Post a thorough test plan, and I will test. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11358 Charles Farmer <charles.farmer@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |charles.farmer@inlibro.com --- Comment #14 from Charles Farmer <charles.farmer@inlibro.com> --- Test plan (do all these tests on HTTP) To test the changes in staff-global.css, doc-head-close.inc and amazonimages.js : 1) Go to your INTRANET 2) Under the search bar, click on "Search the catalog" 3) Enter a criteria for which you'll get more than one result 4) Documents without an amazon image should have a "No cover image available" placeholder 5) (hard part) Somehow, disable javascript in your browser 1) Under firefox, click F12 2) Click the gear icon at the top right side of the developer interface (4th item from the right) 3) Under "Advanced settings", you'll find "Disable javascript": Click it. 6) After a forced page reload, instead of a placeholder image, you should see a 1x1 image. Intranet: 1) Go to your INTRANET 2) Under the search bar, click on "Search the catalog" 3) Enter a criteria for which you'll get more than one result 4) Click on an entry with a visible image 5) The *amazon-bookcoverimg* should come from https://images-na.ssl-images-amazon.com/ OPAC: 1) Go to your OPAC 2) Search the library catalog for something 1) Images in the result page should be HTTPS 3) Click on anything with an amazon image 4) The opac-detail page should show an HTTPS image 5) On the bottom of the page, open the shelf browser 1) The image should be in HTTPS there too === 1) Go to the page http://<your opac>/cgi-bin/koha/opac-showreviews.pl 2) Book images should be in HTTPS ////////// To be quite honest, I don't know where opac-results-grouped.tt is used. I will leave this as an exercise for the reader. -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org