Running Xwiki through Nginx proxy with SSL, for some reason, the spinner.gif icon is requested over http - not https.
Mixed Content: The page at ‘https://test.wiki.mydomain.com/bin/view/Main/’ was loaded over HTTPS, but requested an insecure image ‘http://test.wiki.mydomain.com/resources/icons/xwiki/spinner.gif’. This content should also be served over HTTPS.
Causes an issue in Chrome and FireFox saying the page is not secure.
Any way to fix?
I can confirm this behavior with xwiki 10.11 on docker postgres tomcat.
Have not yet found time to make a proper report in JIRA / retry this.
I have tried all sorts von nginx configs.
This: https://www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Installation/InstallationWAR/InstallationTomcat/#Hhttps28secure29
didn’t help either.
When using ssl, some actions in xwiki worked (like viewing pages), but others like saving a blog post failed.
In the chrome developer console it complained about the spinner.gif being not https.
I confirm I have this problem as well in some conditions.
For some reason, the following code generates a bad URL: xwiki-platform/xwiki-platform-core/xwiki-platform-tree/xwiki-platform-tree-webjar/src/main/less/tree.less at 5716a62c9e91c6ba3ca19bfca21bebfecbb22274 · xwiki/xwiki-platform · GitHub
In my case, it generates http://localhost:8080/xwiki/resources/icons/xwiki/spinner.gif even though I am behind a proxy server. So we have a problem in xwiki.getSkinFile, maybe only when used in a webjar.
It would be great of one of use could raise a jira issue for this now, currently I don’t have time for that
As a workaround, we uploaded a custom spinner on a secure web server and put the following in our CSS for our Xwiki theme:
.jstree-xwiki>.jstree-container-ul .jstree-loading>.jstree-ocl {
background-image: url(“Free classifieds - yourdomain.com”);
background-size: 23px;
position: relative;
top: -2px;
}
vmassol
7
Issue moved from Loading... to Loading... since it’ s not related to the docker packaging.
You’ll be glad to know that the issue is now fixed, see Loading...