Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Jonathan Nieder jrnie...@gmail.com writes: Junio C Hamano wrote: Jonathan Nieder jrnie...@gmail.com writes: Odd. https://www.gravatar.com/; also seems to work. I've put in a technical support query to find out what the Gravatar admins prefer. Thanks; will hold onto Andrej's patch until we hear what the story is. Good news: a kind person from Automattic answered that www.gravatar.com should work fine over SSL, both now and in the future, and promised to add updating documentation to their todo list. Thanks for your help and patience. I'll merge Andrej's topic to 'next' in the next integration cycle. The fix should hit 'master' no later than the beginning of next week. Thanks. -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Junio C Hamano wrote: Jonathan Nieder jrnie...@gmail.com writes: Odd. https://www.gravatar.com/; also seems to work. I've put in a technical support query to find out what the Gravatar admins prefer. Thanks; will hold onto Andrej's patch until we hear what the story is. Good news: a kind person from Automattic answered that www.gravatar.com should work fine over SSL, both now and in the future, and promised to add updating documentation to their todo list. Thanks for your help and patience. Jonathan -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Jonathan Nieder jrnie...@gmail.com writes:
Odd. https://www.gravatar.com/; also seems to work. I've put in a
technical support query to find out what the Gravatar admins prefer.
Thanks; will hold onto Andrej's patch until we hear what the story
is.
Of course we could do something like this (untested).
gitweb/gitweb.perl | 24 +++-
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index c6bafe6..b59773b 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -313,6 +313,14 @@ sub evaluate_uri {
'override' = 0,
'default' = [0]},
+ # Use https:// URL for embedded picons/gravatar images, to be used
+ # on installations that server gitweb over https://
+ 'subcontentssl' = {
+ 'sub' = sub { feature_bool('subcontentssl', @_) },
+ 'override' = 0,
+ 'default' = [0]},
+ }
+
# Enable the 'snapshot' link, providing a compressed archive of any
# tree. This can potentially generate high traffic if you have large
# project.
@@ -,6 +1119,7 @@ sub evaluate_git_dir {
}
our (@snapshot_fmts, $git_avatar);
+our ($gravatar_base_url, $picon_base_url);
sub configure_gitweb_features {
# list of supported snapshot formats
our @snapshot_fmts = gitweb_get_feature('snapshot');
@@ -1121,10 +1130,17 @@ sub configure_gitweb_features {
# if the provider name is invalid or the dependencies are not met,
# reset $git_avatar to the empty string.
our ($git_avatar) = gitweb_get_feature('avatar');
+ my $use_https = gitweb_check_feature('subcontentssl');
+
if ($git_avatar eq 'gravatar') {
$git_avatar = '' unless (eval { require Digest::MD5; 1; });
+ $gravatar_base_url = $use_https ?
+ https://secure.gravatar.com/avatar/; :
+ http://www.gravatar.com/avatar/;;
} elsif ($git_avatar eq 'picon') {
- # no dependencies
+ $picon_base_url = $use_https ?
+
http://www.cs.indiana.edu/cgi-pub/kinzler/piconsearch.cgi/; :
+
https://www.cs.indiana.edu/cgi-pub/kinzler/piconsearch.cgi/;;
} else {
$git_avatar = '';
}
@@ -2068,7 +2084,7 @@ sub picon_url {
if (!$avatar_cache{$email}) {
my ($user, $domain) = split('@', $email);
$avatar_cache{$email} =
-
http://www.cs.indiana.edu/cgi-pub/kinzler/piconsearch.cgi/; .
+ $picon_base_url .
$domain/$user/ .
users+domains+unknown/up/single;
}
@@ -2082,9 +2098,7 @@ sub picon_url {
sub gravatar_url {
my $email = lc shift;
my $size = shift;
- $avatar_cache{$email} ||=
- http://www.gravatar.com/avatar/; .
- Digest::MD5::md5_hex($email) . ?s=;
+ $avatar_cache{$email} ||= $gravatar_base_url .
Digest::MD5::md5_hex($email) . ?s=;
return $avatar_cache{$email} . $size;
}
--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Just drop the scheme: part from the URL, so that these
external sites are accessed over https:// in such a case.
Signed-off-by: Andrej E Baranov ad...@andrej-andb.ru
---
gitweb/gitweb.perl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index c6bafe6..1309196 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -2068,7 +2068,7 @@ sub picon_url {
if (!$avatar_cache{$email}) {
my ($user, $domain) = split('@', $email);
$avatar_cache{$email} =
-
http://www.cs.indiana.edu/cgi-pub/kinzler/piconsearch.cgi/; .
+ //www.cs.indiana.edu/cgi-pub/kinzler/piconsearch.cgi/
.
$domain/$user/ .
users+domains+unknown/up/single;
}
@@ -2083,7 +2083,7 @@ sub gravatar_url {
my $email = lc shift;
my $size = shift;
$avatar_cache{$email} ||=
- http://www.gravatar.com/avatar/; .
+ //www.gravatar.com/avatar/ .
Digest::MD5::md5_hex($email) . ?s=;
return $avatar_cache{$email} . $size;
}
--
1.8.1.1
--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Thanks; will queue. -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
This won't work correctly as-is. The secure URL for Gravatar is https://secure.gravatar.com[1], not https://www.gravatar.com;. [1] See the Secure Requests section on: https://en.gravatar.com/site/implement/images/ On 29 January 2013 14:03, Junio C Hamano gits...@pobox.com wrote: Thanks; will queue. -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Hi Bryan, Bryan Turner wrote: This won't work correctly as-is. The secure URL for Gravatar is https://secure.gravatar.com[1], not https://www.gravatar.com;. Odd. https://www.gravatar.com/; also seems to work. I've put in a technical support query to find out what the Gravatar admins prefer. Thanks, Jonathan -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] The images from picon and gravatar are always used over http://, and browsers give mixed contents warning when gitweb is served over https://.
Interesting. I wonder if they've changed it recently. I only pointed it out because a software product I'm working on had a bug because it was building the URLs with https://www...; and the resulting images were showing as X's instead of avatars. We had to change the implementation to use https://secure...; to get the avatars to load correctly. That's been ~8 months ago now, though, so maybe it's no longer the case. It seems like it would be much more convenient if they just changed the scheme. Bryan On 29 January 2013 15:12, Jonathan Nieder jrnie...@gmail.com wrote: Hi Bryan, Bryan Turner wrote: This won't work correctly as-is. The secure URL for Gravatar is https://secure.gravatar.com[1], not https://www.gravatar.com;. Odd. https://www.gravatar.com/; also seems to work. I've put in a technical support query to find out what the Gravatar admins prefer. Thanks, Jonathan -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
