Hello,
Issue 1: Mixed Content: The page at ‘https://xwiki.mydomain.local/bin/view/Main/#Attachments’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://xwiki.mydomain.local/bin/view/Main/#Attachments’. This request has been blocked; the content must be served over HTTPS.
it occurs on attachment deletion, comment deletion, attachment upload, object deletion. maybe somewhere else.
Issue 2: REST Nigtmare. Rest API returns
<pageSummary>
<link href="http://xwiki.mydomain.local/rest/wikis/xwiki/spaces/Main/spaces/SPACENAME/spaces/SPACENAME2" rel="http://www.xwiki.org/rel/space"/>
…
<xwikiRelativeUrl>
https://xwiki.mydomain.local/bin/view/Main/SPACENAME/SPACENAME2/page1
</xwikiRelativeUrl>
<xwikiAbsoluteUrl>
https://xwiki.mydomain.local/bin/view/Main/SPACENAME/SPACENAME2/page2
</xwikiAbsoluteUrl>
</pageSummary>
How can I get rid of HTTP completely ? I suppose there is something to do with Tomcat, but everything is set as per documentation.
Nginx:
server {
listen 80;
server_name xwiki.mydomain.local;
rewrite ^ https://$server_name$request_uri? permanent;
access_log /var/log/nginx/xwiki-access.log;
error_log /var/log/nginx/xwiki-error.log;
}
server {
listen 443 ssl;
server_name xwiki.mydomain.local;
client_max_body_size 4500m;
ssl_certificate /etc/nginx/ssl/xwiki.mydomain.local.crt;
ssl_certificate_key /etc/nginx/ssl/xwiki.mydomain.local.key;
access_log /var/log/nginx/xwiki-access.log;
error_log /var/log/nginx/xwiki-error.log;
location / {
proxy_pass_request_headers on;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_pass http://127.0.0.1:8080;
proxy_read_timeout 600s;
}
}
XWIKI:
xwiki.url.protocol=https is set.
Tomcat:
<Engine name=“Catalina” defaultHost=“localhost”>
<Valve className=“org.apache.catalina.valves.RemoteIpValve”
internalProxies=“127.0.[0-1].1”
remoteIpHeader=“x-forwarded-for”
requestAttributesEnabled=“true”
protocolHeader=“x-forwarded-proto”
protocolHeaderHttpsValue=“https”/>