I've set up camlistore+publisher running behind a reverse proxy that
handles HTTPS therefore camlistore and publisher uses HTTP.
Issue 818 [1] and CL 6646 [2] mentioned this issue and I could make
camlistore+publisher work together with the following snipplet in
server-config.json:
{
"baseURL": "https://external.address";,
"listen": ":3179",
...
"publish": {
"/pics/": {
"listen": ":3155",
"backendURL": "http://localhost:3155/";,
"apiHost": "http://localhost:3179/";,
"camliRoot": "publisher-pics",
"cacheRoot":
"/volume1/camlistore/home/var/camlistore/publisher-pics-cache",
"goTemplate": "gallery.html"
}
}
}
Publisher works fine when using http://diskstation:3179/pics/foo (internal
address), but fails in the browser because of mixed content when being
accessed through the reverse proxy over https://external.address/pics/foo.
The problem is that
1. publisher serves the HTML with the JS-global variable "scheme" set to
the protocol it uses to access the parent camlistore process, and
2. the publisher gopherjs/js client in the browser uses this variable to
fetch page members (instead of the scheme the publisher page was accessed
with)
Fixing either of the above problems would fix my issue, but wouldn't it be
reasonable to remove scheme from the page header, and just use
window.location.protocol instead? Doing that seemed to fix the issue on my
end. The browser UI of publisher should not know what protocol the server
uses internally to talk to its parent, and browser links will only work
with the correct protocol after all.
[1] https://github.com/camlistore/camlistore/issues/818
[2] https://camlistore-review.googlesource.com/c/6646/
--
You received this message because you are subscribed to the Google Groups
"Camlistore" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
