Hi Angelo,
David has officially fixed this issue at r763855, but please read his comment!
Jacques
PS: Oops just read David's post, anyway...
From: "Angelo Matarazzo" <[email protected]>
Hi Jacques,
I understood the problem.
I have looked at RequestHandler.java line 184.
At line 179 there is if (!request.isSecure() && requestMap.securityHttps).
Now with "http://localhost:8080"; request.isSecure() is "false" but
requestMap.securityHttps depends on ConfigXMLReader.java at line 384
'this.securityHttps = "true".equals(securityElement.getAttribute("https"));'
In your opinion is it good idea change ConfigXMLReader.java in this way?
- if (securityElement != null) {
- this.securityHttps =
"true".equals(securityElement.getAttribute("https"));
+boolean useHttpsDefault =
UtilProperties.propertyValueEqualsIgnoreCase("url.properties",
"port.https.enabled", "Y");
+if (securityElement != null) {
+ if (useHttpsDefault))
this.securityHttps =
"true".equals(securityElement.getAttribute("https"));
+
+ else {
+ this.securityHttps = false;
+ }
Thanks,
Angelo
jacques.le.roux wrote:
After the changes recently introduced. The campaign to secure URLs for
link, hyperlink and sub-hyperlink is now finished.
Please report any related errors you may cross
Thanks
Jacques
--
View this message in context:
http://www.nabble.com/Secure-URLs-end-for-link%2C-hyperlink-and-sub-hyperlink-tp22894715p22966638.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
