You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@allura.apache.org by Dave Brondsema <br...@users.sf.net> on 2013/12/19 19:33:31 UTC

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** open
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 06:33 PM UTC
**Owner:** nobody

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

- **status**: in-progress --> code-review



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** code-review
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 06:48 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

allura:db/7009

All the code to generate the URLs was working correctly, we were just caching `g.tool_icon_css` too heavily with `@LazyProperty` so the current scheme wasn't being used after the first hit.


---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** code-review
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 06:48 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

Also, this only occurs when `ew.url_base` and/or `static.url_base` are set to a different location (e.g. using a CDN) like `://my.cdn/allura/nf/%(build_key)s/_ew_/`


---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** code-review
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 07:54 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

- **status**: closed --> code-review
- **QA**: Cory Johns -->  nobody 



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** code-review
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 08:07 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Cory Johns <ma...@users.sf.net>.

- **status**: code-review --> closed
- **QA**: Cory Johns



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** closed
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Fri Dec 20, 2013 01:56 AM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

- **status**: open --> in-progress
- **assigned_to**: Dave Brondsema



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** in-progress
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 06:33 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** code-review
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 07:54 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

Another commit on db/7009 to fix the same over-caching issue, but this time for 3rd party Apps' icon urls.


---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** code-review
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 08:07 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Dave Brondsema <br...@users.sf.net>.

The call chain to generate these URLs is deep.  A few key stops along the way are:

* `g.theme_href()`
* `ew.ResourceManager.absurl`
* `ew.core.widget_context`, a `StackedObjectProxy`
* which gets set by `ew.middleware.WidgetMiddleware.__call__`


---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** in-progress
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 06:33 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

[allura:tickets] #7009 /nf/tool_icon_css doesn't preserve https for URLs

Posted by Cory Johns <ma...@users.sf.net>.

- **status**: code-review --> closed
- **QA**: Cory Johns



---

** [tickets:#7009] /nf/tool_icon_css doesn't preserve https for URLs**

**Status:** closed
**Created:** Thu Dec 19, 2013 06:33 PM UTC by Dave Brondsema
**Last Updated:** Thu Dec 19, 2013 07:59 PM UTC
**Owner:** Dave Brondsema

If /nf/tool_icon_css is served from an HTTPS URL, it should try to use https URLs in its output.  Or something like that, so that browsers don't give mixed-security content warnings.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.