[OPEN-ILS-DEV] Fixing the mixed-content warnings in My Account
Dan Scott
denials at gmail.com
Fri May 29 00:38:57 EDT 2009
If I understand correctly, some browsers (hello IE!) throw up warnings
when patrons enter "My Account" in the OPAC because there are some
hard-coded HTTP requests mixed in with the HTTPS session. When patrons
opt to not allow the browser to load mixed content, hilarity (or some
miserable facsimile thereof) ensues. This is bad. Apaprently things
are even worse in IE8.
It looks like the mixed content is due to
Open-ILS/var/web/opac/skin/default/xml/setenv.xml:
setenv.xml:<!--#set var="OILS_BASE"
value="http://${SERVER_NAME}/${OILS_OPAC_BASE}"-->
setenv.xml: <!--#set var="OILS_OPAC_JS_HOST"
value="http://${OILS_OPAC_JS_HOST}"-->
setenv.xml: <!--#set var="OILS_OPAC_CSS_HOST"
value="http://${OILS_OPAC_CSS_HOST}"-->
Setting these to the following alleviates the problem:
setenv.xml:<!--#set var="OILS_BASE" value="${OILS_OPAC_BASE}"-->
setenv.xml: <!--#set var="OILS_OPAC_JS_HOST" value=""-->
setenv.xml: <!--#set var="OILS_OPAC_CSS_HOST" value=""-->
The win from having a non-scary default configuration seems to, in my
mind, outweigh the possible balancing of JS and CSS across different
hosts. Would there be any objection to my merging a commit that resets
each offending var to a non-scary default value, along with a comment
that explains what in the wide world of sports is going on?
--
Dan Scott
Laurentian University
More information about the Open-ils-dev
mailing list