Dotclear

Ticket #2052 (closed defect: invalid)

Opened 11 years ago

Last modified 11 years ago

mixed content with dcCKEditor

Reported by: theYinYeti Owned by: team
Priority: normal Milestone:
Component: module:core Version: 2.7.2
Severity: critical Keywords: CKEditor mixed content
Cc:

Description

Hi, my dotclear is served on HTTP by Nginx / php-fpm. However, it is behind an SSL proxy, and when php-fpm is called, these settings are correctly set: fastcgi_param HTTPS "on"; fastcgi_param SERVER_PORT "443";

I tried using the new CKEditor for writing a new post, but I get these errors in Firefox’ console: Blocked loading mixed active content " http://server.tld/dc/admin/index.php?pf=dcCKEditor/js/ckeditor/config.js" index.php:237 Blocked loading mixed active content " http://server.tld/dc/admin/index.php?pf=dcCKEditor/js/ckeditor-skins/dotclear/skin.js" index.php:237 Blocked loading mixed active content " http://server.tld/dc/admin/index.php?pf=dcCKEditor/js/ckeditor-skins/dotclear/editor_gecko.css" index.php:237 Blocked loading mixed active content " http://server.tld/dc/admin/index.php?pf=dcCKEditor/js/ckeditor/lang/fr.js" index.php:237

And the locations where the text input normally happens just remains blank.

The browser blocks HTTP contents for an HTTPS page, which is normal. Such errors already happened in the past (for example on logout from the admin pages), but have been fixed since then. The same fix will probably work here.

Bug seen in 2.7.2 and 2.7.3. I rate the bug as critical since the upgrade to 2.7.2 seems to set CKEditor as the default, and it is not obvious what the problem is to someone with less knowledge / luck. At first, I thought that the absence of text fields was a new feature, and that they would appear after I had set a title and saved… which of course did not work.

Change History

comment:1 Changed 11 years ago by bruno

Have you specified the right value to the DC_ADMIN_URL setting in your inc/config.php ? I mean, by specifying also the "https" url ?

comment:2 Changed 11 years ago by theYinYeti

Thank you Bruno, this was indeed the problem. I had forgotten that I had reverted this property from HTTPS to HTTP, back when I had issues with running the admin UI behind a reverse-proxy. Now that DC_ADMIN_URL is properly set to an HTTPS URL, CKEditor works fine :-)

comment:3 Changed 11 years ago by theYinYeti

Also, sorry for double-posting, I’ve had issues with my network. So #2053 is a (better-formated) duplicate of #2052

comment:4 Changed 11 years ago by bruno

  • Status changed from new to closed
  • Resolution set to invalid

Thanks for the feedback. Therefore, I close these 2 tickets. Do not hesitate to reopen it in case of trouble

comment:5 Changed 11 years ago by franck

  • Milestone A definir deleted
Note: See TracTickets for help on using tickets.

Sites map