Let me preface this by saying I may be missing something obvious =)
In my experience turning on SSL breaks parts of TinyMCE in the backend.
Most (maybe all) of the TinyMCE popups, add link, edit html, etc..,
reference /asset_proxy/ which is not in the list of SSL prefixes. As a
result if the admin is served over SSL, the default behavior when ssl is
enabled, those popups no longer work.
An easy workaround is to add /asset_proxy/ to the SSL prefixes, but this
then breaks TinyMCE inline editing, via the editable tag, on any frontend
page that isn't served over SSL. On those pages /asset_proxy/ is initially
referenced without SSL but then redirected to the secure version, the
redirect breaks the popup.
My suggestion is that the Mezzanine SSLRedirectMiddleware also check a list
of prefixes that should be accessible securely or non securely, i.e. never
redirected. By default I think those would be:
('/asset_proxy/', '/displayable_links.js')
Am I missing something? If not and my suggestion sounds like a good idea I
will put together a pull request.
Thanks!
--
You received this message because you are subscribed to the Google Groups
"Mezzanine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
