[opencms-dev] opencms secure https configuration
lruggeri at maticad.it
lruggeri at maticad.it
Wed Feb 11 17:19:01 CET 2015
Hello to everyone,
What is the right way to configure a site that can be served both in http
and https (using property secure:true)?
I have the following in opencms-system.xml:
<sites>
<workplace-server>https://www.site.com</workplace-server>
<default-uri>/sites/default/</default-uri>
<shared-folder>/shared/</shared-folder>
<site server="http://www.site.com" uri="/sites/default/"
title="" position="3.4028235E38" webserver="false">
<secure server="https://www.site.com" exclusive="true"
error="false"/>
</site>
</sites>
Now if I include an external javascript resource which is outside opencms
(eg: https://www.site.com/ext/file.js) I get a warning from the browser
because the resource is loaded with http.
Opencms is changing the url even if it is put directly in the jsp. Looking
at the html source the url is http://www.site.com/ext/file.js
The other problem are image linked in css: url("/images/image.jpg") is first
requested with https but the export url is a redirect to http.
Is this the expected behaviour or I have a wrong configuration? Do I have to
set secure:true also in the images folder? (not all of the need to be
secure)
Thank you,
Lisa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20150211/2fb95f24/attachment.htm>
More information about the opencms-dev
mailing list