#1330 Problem with Flyspray over https
Metadata
Property | Value |
---|---|
Reported by | Steffen Müthing (steffen.muething@iwr.uni-heidelberg.de) |
Reported at | Aug 14, 2013 17:54 |
Type | Bug Report |
Version | 2.2 |
Operating System | Unspecified / All |
Last edited by | Oliver Sander (oliver.sander@tu-dresden.de) |
Last edited at | Aug 14, 2013 20:12 |
Closed by | Oliver Sander (oliver.sander@tu-dresden.de) |
Closed at | Aug 14, 2013 20:12 |
Closed in version | Unknown |
Resolution | Fixed |
Comment | Patch applied in rev 1186. Thanks! |
Description
When used over https, Flyspray doesn't work with current versions of Chrome and Firefox because the automatically generated layout / navigation header snippet includes resources like the CSS files using absolute links that are pinned to unencrypted http. The browsers then refuse to load those files because of their mixed-content policy.
Could someone please apply the attached small patch to dune-web? It fixes the problem by replacing the full URLs with server-local versions starting at the server root.
I've patched the currently deployed version of dune-web with it and it works fine, but the next rebuild from SVN will revert the fix.