Spinner.gif requested over http instead of https

Running Xwiki through Nginx proxy with SSL, for some reason, the spinner.gif icon is requested over http - not https.

Mixed Content: The page at ‘https://test.wiki.mydomain.com/bin/view/Main/’ was loaded over HTTPS, but requested an insecure image ‘http://test.wiki.mydomain.com/resources/icons/xwiki/spinner.gif’. This content should also be served over HTTPS.

Causes an issue in Chrome and FireFox saying the page is not secure.

Any way to fix?

I can confirm this behavior with xwiki 10.11 on docker postgres tomcat.
Have not yet found time to make a proper report in JIRA / retry this.

I have tried all sorts von nginx configs.

This: https://www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Installation/InstallationWAR/InstallationTomcat/#Hhttps28secure29
didn’t help either.

When using ssl, some actions in xwiki worked (like viewing pages), but others like saving a blog post failed.

In the chrome developer console it complained about the spinner.gif being not https.

I confirm I have this problem as well in some conditions.

For some reason, the following code generates a bad URL: https://github.com/xwiki/xwiki-platform/blob/5716a62c9e91c6ba3ca19bfca21bebfecbb22274/xwiki-platform-core/xwiki-platform-tree/xwiki-platform-tree-webjar/src/main/less/tree.less#L137

In my case, it generates http://localhost:8080/xwiki/resources/icons/xwiki/spinner.gif even though I am behind a proxy server. So we have a problem in xwiki.getSkinFile, maybe only when used in a webjar.

It would be great of one of use could raise a jira issue for this now, currently I don’t have time for that :frowning:

https://jira.xwiki.org/browse/XDOCKER-93 created!

As a workaround, we uploaded a custom spinner on a secure web server and put the following in our CSS for our Xwiki theme:

.jstree-xwiki>.jstree-container-ul .jstree-loading>.jstree-ocl {
background-image: url(“https://YOURDOMAIN.COM/xwiki-plugins/spinner.svg”);
background-size: 23px;
position: relative;
top: -2px;

Issue moved from https://jira.xwiki.org/browse/XDOCKER-93 to https://jira.xwiki.org/browse/XWIKI-16160 since it’ s not related to the docker packaging.

You’ll be glad to know that the issue is now fixed, see https://jira.xwiki.org/browse/XWIKI-16160