Contrib.social

Behind HTTPS Load Balancer, Renders HTTP load of JS to Browser

Open on Drupal.org →
Created on 23 October 2017, over 7 years ago
Updated 18 July 2023, almost 2 years ago

Hi,

When using this module in a production environment behind a load balancer it renders the JS requests for the browser to use HTTP instead of HTTPS, which is then rejected because the protocol doesn't match HTTPS. We had to hotfix the module in production deployments by replacing the line in each file (src/Plugin/Field/FieldFormatter/Pdf*.php) in order for this to work.

From:

$file_url = file_create_url($item->entity->getFileUri());

To:

$file_url = str_replace('http:', 'https:', file_create_url($item->entity->getFileUri()));

Note: The web servers are behind an AWS ELB that terminates SSL.

🐛 Bug report
Status

Needs work

Version

1.0

Component

Code

Created by

🇺🇸United States ian.mariano@ianmariano.com

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment almost 2 years ago
    🇳🇿New Zealand code_brown

    Re-rolling patch #6 for 8.x-1.2

  • Comment over 1 year ago
    🇮🇹Italy marco.aresu Cagliari

    Hi,
    I created a patch to use relative url. The iframe url is generated with file_url_generator service.
    The patch replace generateAbsoluteString method to generateString.

    In my case works Behind HTTPS Load Balancer.

  • Comment over 1 year ago
    🇺🇸United States glynster

    Props to @marco.aresu the latest patch works a treat when using Varnish. We were encountering the same issue. Patch resolves the problem right away.

  • Comment about 1 year ago
    🇫🇷France erwangel

    I tested patch from marco.aresu (#10) and it works but page attachments remain in http. For the moment I used hook_page_attachments_alter to correct this with a str_replace("http:", "https:", $url) looping through
    $attachments['#attached']['html_head_link'][1][0]['href']
    I suppose the other patches don't correct this either.

  • Comment 6 months ago
    🇧🇪Belgium Fred R

    Patch #10 works for me

    My config : apache reverse proxy with docker

  • Comment 23 days ago
    🇨🇳China ipumpkin

    corrected reverse proxying config can fix this issue metioned in #8.

    config steps:

    1.add X-Forwarded-Proto header in reverse proxy server:

    proxy_set_header X-Forwarded-Proto $scheme;

    2. config reverse proxy in site settings.php

    $settings['reverse_proxy'] = TRUE;
$settings['reverse_proxy_addresses'] = ['172.17.27.0/24']; // reverse_proxy server ip list
$settings['reverse_proxy_trusted_headers'] = \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_FOR | \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_HOST | \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_PORT | \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_PROTO | \Symfony\Component\HttpFoundation\Request::HEADER_FORWARDED;
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024