Hi, I was able to solve this issue - at least for Firefox. As described here [1], you can leave out the protocol and reference ambedded external websites with //example.org. Doing that, its referenced via the same protocol as the embedding page. Unfortunately, this only works with Firefox (definitely not with Chromium, havent tried it with IE yet). Though, a compatible solution for all browsers of course would be more appropriate...
But this is obviously not a DSpace issue, so I will stop reporting it here. Best regards Oliver [1] https://developer.mozilla.org/en-US/docs/Security/MixedContent/How_to_fix_website_with_mixed_content Am 30.07.2014 um 10:05 schrieb Oliver Goldschmidt: > Hi again, > > I now retried what I described yesterday in a different browser > (yesterday it was Firefox, today I am trying Chromium) to see if my > HTTPS-CC-issue is reproducable there. Answer: it is reproducable, and > its even worse. Although I am referencing > https://creativecommons.org/choose/?partner=dspace(...) , I get that > error message: "[blocked] The page at 'https://xyz.tuhh.de/submit' was > loaded over HTTPS, but ran insecure content from > 'http://creativecommons.org/choose/?partner=dspace(...)': this content > should also be loaded over HTTPS." > > In Chromium, the problem is already on the cc-licence-page: the iframe > is white without any content. > > Any ideas? > > Best regards > Oliver > > Am 29.07.2014 um 17:19 schrieb Oliver Goldschmidt: >> Hello all, >> >> I have a very weird problem with creativecommons.org and DSpace. Perhaps >> anyone here has an idea about that. >> The scenario is the following: I have DSpace configured, that its always >> loaded over HTTPS (by redirecting any call to Port 443). That works >> fine. But coming to the publication there is a problem. I have also >> enabled the CC-license step. As I reached that step in the publication >> process, I only got a white page inside the cc-iframe. I figured out, >> why that happened: a URL at creativecommons.org is embedded in an >> iframe, and loading a normal HTTP-URL in a HTTPS page iframe is >> forbidden. Though, I changed the URL of creativecommons.org in >> submit/creative-commons.jsp to its HTTPS-equivalent: >> https://creativecommons.org/choose/?partner=dspace. >> Now it worked and I got the creativecommons-page inside the iframe. >> But something is still wrong: I cannot select a license. Its getting >> blocked, because the browser is still getting mixed content. Obviously >> the creativecommons.org-page is not loaded via HTTPS, but via HTTP, >> although the URL points to HTTPS (and is displayed in the HTTPS-iframe, >> while its not displayed using the HTTP-URL). I can even reproduce this: >> clicking on the link https://creativecommons.org/choose/?partner=dspace >> gets me to the unencrypted version of the page. Only when I manually >> edit the URL in my browser window, I get to the real HTTPS address. >> Thats really odd... >> >> Perhaps someone can reproduce that or has an idea how to fix that. >> >> Any hints are appreciated! >> >> Best regards >> Oliver >> >> ------------------------------------------------------------------------------ >> Infragistics Professional >> Build stunning WinForms apps today! >> Reboot your WinForms applications with our WinForms controls. >> Build a bridge from your legacy apps to the future. >> http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk >> _______________________________________________ >> DSpace-tech mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/dspace-tech >> List Etiquette: >> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > > ------------------------------------------------------------------------------ > Infragistics Professional > Build stunning WinForms apps today! > Reboot your WinForms applications with our WinForms controls. > Build a bridge from your legacy apps to the future. > http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk > _______________________________________________ > DSpace-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
