[Koha-bugs] [Bug 16615] Full-site SSL: always use SSL when referencing external resources
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Aug 15 14:16:20 CEST 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16615
Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #54442|0 |1
is obsolete| |
Attachment #54456|0 |1
is obsolete| |
--- Comment #14 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 54462
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=54462&action=edit
Bug 16615: Open Library API fails for full-site-SSL
When running Koha in a full-site-SSL configuration accessing
external resouces like Open Library cover images via HTTP
doesn't work (mixed SSL/non-SSL content). It thus breaks a
core feature of Koha. Referencing such resources always via
HTTPS resolves the problem and also enhances privacy as a
side-effect.
Previous tickets took care of Amazon resources. This ticket
is supposed to address the remaining external resource providers,
starting with Open Library.
TEST PLAN
---------
1) Over https access your OPAC with the Enhanced Content system
preferences 'OpenLibraryCovers' set to 'Add', and
'OpenLibrarySearch' set to 'Show'.
2) Search for something (e.g. Mo Willems)
-- Your browser console log will show messages about
mixed content.
3) Apply the patch
4) Making sure to reload the java script, attempt steps 1 & 2
again.
-- no mixed content messages should be given
5) run koha qa test tools
Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list