You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users
Hi there.
I just installed the alpha version of the Blue Ocean plugin. I see the blue "Try Blue Ocean" button at the top of the page. However, when I try to get to the page I get an error in the console:
Mixed Content: The page at 'https://a.b.com/blue/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://a.b.com/blue/js-extensions/'. This request has been blocked; the content must be served over HTTPS.
Is this something I can fix locally or can someone patch it? I know its a alpha,but was hoping to at least get it to load up so I can test it out.
Thanks in Advance.
Daniel Beck
unread,
Jul 26, 2016, 2:25:29 PM7/26/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to jenkins...@googlegroups.com
What URL is configured in Manage Jenkins » Configure Jenkins » Jenkins Location? Should be HTTPS if you access Jenkins that way.
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
I went in and updated that to be HTTPS. I saved it but still getting the same error in the console when trying to go to the blue ocean url.
Any other ideas?
Thanks for the help.
Sincerely,
James Dumay
unread,
Jul 27, 2016, 2:13:28 AM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Does bouncing your Jenkins server help? Strangely we use https on blueocean.io right now and we are not seeing any issues.
Michael Neale
unread,
Jul 27, 2016, 2:14:06 AM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
This is odd, others use https and haven't seen this... the blue ocean url has https in it?
On Wednesday, July 27, 2016 at 6:24:55 AM UTC+10, Dan QAmbox wrote:
Dan QAmbox
unread,
Jul 27, 2016, 9:49:43 AM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
I restarted the server after updating the url in the configs to use https. Still getting the same error. Is still thinks that the url is http. Is there another place I need to set the https in the configs?
Sincerely
Dan QAmbox
unread,
Jul 27, 2016, 10:33:39 AM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
It's hard to say, it could be a quirk of proxy settings. The resources don't specify any absolute paths that I can tell.
if you use chrome, can you see what resources are trying to load that way, and what is triggering them? inspecting the JS will help a bit.
note that 'X-Forwarded-Proto' should be present in the request, which Jenkins willi honour. I think it is the same issue as you point out in that link.
Reverse proxies can be tricky - any more information you can provide about your setup will help. nginx has been in use by many and it doesn't have this issue (it does set that header).
Dominic Scheirlinck
unread,
Jul 27, 2016, 7:59:53 PM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Here's what's going on according to my testing:
- /blue/js-extensions/ is the only affected resource - The page attempts to load https://example.com/blue/js-extensions (NB: no trailing slash) - This results in a 302, redirecting to Location: http://example.com/blue/js-extensions/ (NB: trailing slash, but no HTTPS) - If I'm visiting this location directly, HSTS will send me (307) to https://example.com/blue/js-extensions/ (finally, the working URL), but HSTS doesn't seem to be applied to <script src> by UAs (or at least not consistently).
Like the other respondents, I've been using HTTPS Jenkins for years, have the correct protocol in the 'Jenkins Location' setting, and all the other assets on /blue/ (e.g. blueorigin.js or blueorigin.css) are being loaded over HTTPS correctly.
Regards,
Dom
On Thursday, 28 July 2016 10:45:36 UTC+12, Michael Neale wrote:
Michael Neale
unread,
Jul 27, 2016, 8:03:23 PM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Are you able to share the relevant parts of your nginx config?
I that redirect seems to be the problem (it should not redirect to non https, that seems a bug). I assume you are using example.com instead of your actual url just by way of example?
Dominic Scheirlinck
unread,
Jul 27, 2016, 8:16:25 PM7/27/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Hi Michael,
The relevant part is the proxy_redirect directive (I had mine at 'off').
Jenkins generates a redirect, and nginx (if acting as a reverse proxy) has to rewrite the location to the correct one (Jenkins, running behind the reverse proxy, is relatively correct in redirecting to HTTP I believe). Something like this directive should fix the problem: proxy_redirect http:// https://;
I guess the only real strange thing is that I managed to go this long without something else breaking it!
Dom
Michael Neale
unread,
Jul 28, 2016, 1:43:14 AM7/28/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Oh good catch.
I am still curious why it would redirect to http - in *theory* the header is available so it can know the forwarded protocol...
but good to hear this is resolved.
Dan QAmbox
unread,
Jul 28, 2016, 10:14:21 AM7/28/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
This is the EXACT behavior I am seeing. I have tried to update my NGNIX proxy but no matter what I change, its still not working. Can you provide what your ngnix configs look like so I can see where I might be off. Also note our jenkins box does not use jenkins in the DNS name. Doubt that should matter but thought I would mention it,
Thank you for the assistance.
Sincerely,
Dan QAmbox
unread,
Aug 2, 2016, 3:07:29 PM8/2/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Hi there.
I tried this but it does not work. I also upgraded to the latest alpha release but that didn't fix the issue either. Would it be possible to for you share you NGNIX config so I can check it against mine to see why its not working.
Thank you in advance.
Dan QAmbox
unread,
Aug 2, 2016, 3:29:31 PM8/2/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Users, m...@beckweb.net
Finally figured it out. Was looking in the wrong place. The file you need to update is under /etc/ngnix/site-enabled/jenkins.conf.