Relative to protocol URLs (network-path reference) to solve problems when you use HTTP+HTTPS
146 views
Skip to first unread message
Stefano Gargiulo
Apr 27, 2012, 11:15:44 AM4/27/12
to joomla-...@googlegroups.com
http://tools.ietf.org/html/rfc3986#section-4.2
Maybe most people ignore it, but "//" prefix is an awesome thing:
<a href="//www.google.com"> in a webpage means
http://www.google.com if your browser is showing an http resource
Maybe most people ignore it, but "//" prefix is an awesome thing:
<a href="//www.google.com"> in a webpage means
http://www.google.com if your browser is showing an http resource
https://www.google.com if your browser is showing an https resource
file://www.google.com if your browser is showing an local resource
ftp://www.google.com if your browser is showing an ftp resource
ftp://www.google.com if your browser is showing an ftp resource
etc...
Now in joomla 2.5 there is a problem, if you use cache (but also with default caching and template frameworks like wrap6 that use some internal template caching by defualt) and your site is published both with HTTP or HTTPS (a case that's becoming day by day more common, think at facebook canvas apps that requires HTTPS e.g. i use joomla to deploy sites that are also browsable as facebook apps)
If you browse the site first with HTTP and then with HTTPS you will get
<base href="http://mysite.com" />
in the HTTPS version!!!
So all your css/js are blocked or alerted by browser security mechansim
So why not to use // in the base href generated in application.php?
I temorary patched all my problems putting a raw:
PS: ANOTHER SOLUTION TO FIX THIS PROBLEM CAN BE TO KEEY CURRENT CODE FOR BASE HTEF, BUT SEPARATE HTTP FROM HTTPS CACHE FOR ALL THE JOOMLA STUFF, I MEAN YOU CAN USE PROTOCOL ALSO TO BUILD CACHE KEYS (BUT THIS MEAN DOUBLE OF THE STORAGE SPACE)..
Best regards,
Stefano.
Now in joomla 2.5 there is a problem, if you use cache (but also with default caching and template frameworks like wrap6 that use some internal template caching by defualt) and your site is published both with HTTP or HTTPS (a case that's becoming day by day more common, think at facebook canvas apps that requires HTTPS e.g. i use joomla to deploy sites that are also browsable as facebook apps)
If you browse the site first with HTTP and then with HTTPS you will get
<base href="http://mysite.com" />
in the HTTPS version!!!
So all your css/js are blocked or alerted by browser security mechansim
So why not to use // in the base href generated in application.php?
I temorary patched all my problems putting a raw:
$baseUrl=str_replace("http://","//",str_replace("https://","//",JURI::current()));
$document->setBase(htmlspecialchars($baseUrl));
instead of the default
$document->setBase(htmlspecialchars(JURI::current()));
(yes i ask you for a more elegant way to do that)
in /includes/application.php:176 in my latest stable joomla 2.5 release.
network-path reference are in the following RFC: http://tools.ietf.org/html/rfc3986#section-4.2
it seems all modern browsers support it, except little problem with IE6 security mechanism (not support, but you get them also if you don't fix this issue and the site is http+https)
http://paulirish.com/2010/the-protocol-relative-url/instead of the default
$document->setBase(htmlspecialchars(JURI::current()));
(yes i ask you for a more elegant way to do that)
in /includes/application.php:176 in my latest stable joomla 2.5 release.
network-path reference are in the following RFC: http://tools.ietf.org/html/rfc3986#section-4.2
it seems all modern browsers support it, except little problem with IE6 security mechanism (not support, but you get them also if you don't fix this issue and the site is http+https)
PS: ANOTHER SOLUTION TO FIX THIS PROBLEM CAN BE TO KEEY CURRENT CODE FOR BASE HTEF, BUT SEPARATE HTTP FROM HTTPS CACHE FOR ALL THE JOOMLA STUFF, I MEAN YOU CAN USE PROTOCOL ALSO TO BUILD CACHE KEYS (BUT THIS MEAN DOUBLE OF THE STORAGE SPACE)..
Best regards,
Stefano.
Stefano Gargiulo
May 6, 2012, 5:18:26 PM5/6/12
to joomla-...@googlegroups.com
elin
May 6, 2012, 9:37:28 PM5/6/12
to joomla-...@googlegroups.com
I think it looks really useful and could solve some ongoing issues, and you should think about doing the code and putting it in the feature tracker for people to test.
Elin
Reply all
Reply to author
Forward
0 new messages