yacine-truefacet opened a new issue #1780: Canonical link does not have https protocol URL: https://github.com/apache/incubator-pagespeed-mod/issues/1780 Hi there, We've been using PageSpeed (compiled with Nginx) for about 5-6 months now. We've been able to resolve most issues but this latest one has us a bit perplexed. When an optimized image is served, the `Link` header has `http` instead of the expected `https` protocol. Here is a sample header: ``` $ curl -I https://media.ourdomain.com/media/catalog/product/cache/1/small_image/270x/9df78eab33525d08d6e5fb8d27136e95/1/8/xaaaaaaaa.JPG.pagespeed.ic.FghrF4nDhC.jpg HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 3088 Connection: keep-alive Accept-Ranges: bytes Access-Control-Allow-Origin: * Cache-Control: max-age=31536000, public Date: Sat, 09 Jun 2018 05:51:06 GMT ETag: W/"0" Expires: Sun, 09 Jun 2019 05:51:06 GMT Last-Modified: Sat, 09 Jun 2018 05:51:06 GMT Link: <http://www.ourdomain.com/media/catalog/product/cache/1/small_image/270x/9df78eab33525d08d6e5fb8d27136e95/1/8/aaaaaaaa.JPG>; rel="canonical" Server: nginx/1.12.2 X-Original-Content-Length: 4311 X-Page-Speed: 1.13.35.2-0 Age: 471160 X-Cache: Hit from cloudfront Via: 1.1 xxxxx.cloudfront.net (CloudFront) ``` What's particularly frustrating is that on occasion, it will have the correct protocol: ``` $ curl -I https://media.ourdomain.com/media/wysiwyg/header/xzzzzzzzzz.jpg.pagespeed.ic.4MT-YS3siB.jpg HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 9573 Connection: keep-alive Accept-Ranges: bytes Access-Control-Allow-Origin: * Cache-Control: max-age=31536000, public Date: Thu, 14 Jun 2018 16:18:39 GMT ETag: W/"0" Expires: Fri, 14 Jun 2019 16:18:39 GMT Last-Modified: Thu, 14 Jun 2018 16:18:39 GMT Link: <https://www.ourdomain.com/media/wysiwyg/header/zzzzzzzzz.jpg>; rel="canonical" Server: nginx/1.12.2 X-Original-Content-Length: 9626 X-Page-Speed: 1.13.35.2-0 Age: 40 X-Cache: Hit from cloudfront Via: 1.1 xxxxx.cloudfront.net (CloudFront) ``` This logic explicitly enforces the `https` protocol for the `Link` header of image assets: ``` location ~* ^.+\.(css|js|jpe?g|gif|png|ico|gz|svg|svgz|ttf|otf|woff|woff2|woff*|eot|mp4|ogg|ogv|webm)$ { expires 30d; access_log off; add_header "Access-Control-Allow-Origin" "*"; add_header Cache-Control "public"; add_header Link "<https://$http_host$request_uri>; rel=\"canonical\""; } ``` I believe these are the relevant PageSpeed bits from the Nginx config (there is more) but please let me know if you require any additional information: ``` location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" { add_header "" ""; } # This is required for PageSpeed to fetch https assets pagespeed Domain https://*.ourdomain.com; # not our real domain pagespeed Domain https://xxxxxxx.cloudfront.net; # Actual CDN value edited out pagespeed MapOriginDomain localhost:8080 https://*.ourdomain.com; pagespeed RewriteLevel PassThrough; # ... CSS and JS filters edited out ... # Image filters pagespeed EnableFilters rewrite_images; # misc. filters pagespeed EnableFilters convert_meta_tags,collapse_whitespace,remove_comments; # Unnecessary or page-breaking filters pagespeed DisableFilters add_head,extend_cache; pagespeed DisableFilters convert_jpeg_to_webp,convert_to_webp_lossless,convert_to_webp_animated,recompress_webp; ``` Is is possible to have any degree of control over this? Or at least some insight into how this might occur? Thanks in advance.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
