You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@openmeetings.apache.org by Marcello Lorenzi <ce...@hotmail.it> on 2015/07/09 13:46:09 UTC
OM + Moodle plugin call /openmeetings/swf
Hi All,
we have configured the openmeetings installation with the HTTPS connectivity provided by a HAproxy reverse proxy that terminates the SSL connectivity and pass to OM the HTTP request. All works fine if I'm logged from the admin console, but we noticed issue with the moodle plugin.
In fact the moodle plugin call the URL
https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
But the OM instance redirects the call to the same URI adding an ID in HTTP and the browser blocks the call for security reason.
http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
Could we mitigate the issue in order to have a redirect to HTTPS protocol?
Thanks,
Marcello
R: Re: OM + Moodle plugin call /openmeetings/swf
Posted by ce...@hotmail.it.
Yes i can
Marcello
Le mail ti raggiungono ovunque con BlackBerry® from Vodafone!
-----Original Message-----
From: Maxim Solodovnik <so...@gmail.com>
Date: Fri, 10 Jul 2015 13:07:09
To: Openmeetings user-list<us...@openmeetings.apache.org>
Reply-To: user@openmeetings.apache.org
Subject: Re: OM + Moodle plugin call /openmeetings/swf
So you believe the issue is caused by OM
it is get request to
http://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
then internally redirects it to
http://xxx.xxx.xxx.xxx/openmeetings/swf?2&secureHash=....
I can remove this behavior and create custom version for you, can you then
test it?
On Thu, Jul 9, 2015 at 5:46 PM, Marcello Lorenzi <ce...@hotmail.it> wrote:
> Hi All,
> we have configured the openmeetings installation with the HTTPS
> connectivity provided by a HAproxy reverse proxy that terminates the SSL
> connectivity and pass to OM the HTTP request. All works fine if I'm logged
> from the admin console, but we noticed issue with the moodle plugin.
>
> In fact the moodle plugin call the URL
>
> https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
>
> But the OM instance redirects the call to the same URI adding an ID in
> HTTP and the browser blocks the call for security reason.
>
> http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
>
> Could we mitigate the issue in order to have a redirect to HTTPS protocol?
>
> Thanks,
> Marcello
>
--
WBR
Maxim aka solomax
R: Re: OM + Moodle plugin call /openmeetings/swf
Posted by ce...@hotmail.it.
Yes i can test for you this change
Le mail ti raggiungono ovunque con BlackBerry® from Vodafone!
-----Original Message-----
From: Maxim Solodovnik <so...@gmail.com>
Date: Fri, 10 Jul 2015 13:07:09
To: Openmeetings user-list<us...@openmeetings.apache.org>
Reply-To: user@openmeetings.apache.org
Subject: Re: OM + Moodle plugin call /openmeetings/swf
So you believe the issue is caused by OM
it is get request to
http://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
then internally redirects it to
http://xxx.xxx.xxx.xxx/openmeetings/swf?2&secureHash=....
I can remove this behavior and create custom version for you, can you then
test it?
On Thu, Jul 9, 2015 at 5:46 PM, Marcello Lorenzi <ce...@hotmail.it> wrote:
> Hi All,
> we have configured the openmeetings installation with the HTTPS
> connectivity provided by a HAproxy reverse proxy that terminates the SSL
> connectivity and pass to OM the HTTP request. All works fine if I'm logged
> from the admin console, but we noticed issue with the moodle plugin.
>
> In fact the moodle plugin call the URL
>
> https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
>
> But the OM instance redirects the call to the same URI adding an ID in
> HTTP and the browser blocks the call for security reason.
>
> http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
>
> Could we mitigate the issue in order to have a redirect to HTTPS protocol?
>
> Thanks,
> Marcello
>
--
WBR
Maxim aka solomax
Re: OM + Moodle plugin call /openmeetings/swf
Posted by Maxim Solodovnik <so...@gmail.com>.
So you believe the issue is caused by OM
it is get request to
http://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
then internally redirects it to
http://xxx.xxx.xxx.xxx/openmeetings/swf?2&secureHash=....
I can remove this behavior and create custom version for you, can you then
test it?
On Thu, Jul 9, 2015 at 5:46 PM, Marcello Lorenzi <ce...@hotmail.it> wrote:
> Hi All,
> we have configured the openmeetings installation with the HTTPS
> connectivity provided by a HAproxy reverse proxy that terminates the SSL
> connectivity and pass to OM the HTTP request. All works fine if I'm logged
> from the admin console, but we noticed issue with the moodle plugin.
>
> In fact the moodle plugin call the URL
>
> https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
>
> But the OM instance redirects the call to the same URI adding an ID in
> HTTP and the browser blocks the call for security reason.
>
> http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
>
> Could we mitigate the issue in order to have a redirect to HTTPS protocol?
>
> Thanks,
> Marcello
>
--
WBR
Maxim aka solomax