http in API responses (blocked as mixed content)


Matyas F. Bajger

Jul 28, 2023, 7:51:07 AM
to DSpace Technical Support

Hi Team,

please could you help us with installation - setting the access to https
only.

We have the backend and frontend on the same server (eduo.osu.cz); backend
calls are redirected by an Apache proxy to the localhost:8080 Tomcat port.

In local.cfg, we have set: dspace.server.url = https://eduo.osu.cz/server

When I open the DSpace homepage, primary API calls are correct, like
https://eduo.osu.cz/server/api   [HTTP/1.1 200  75ms]

Still, the API calls that contain a uri parameter, like

https://eduo.osu.cz/server/api/authz/authorizations/search/object?uri=http://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature

have the http:// protocol in the uri argument value. These requests are
blocked by the API/backend:

# curl 'http://localhost:8080/server/api/authz/authorizations/search/object?uri=http://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature'
{"timestamp":"2023-07-28T11:40:05.876+00:00","status":400,"error":"Bad Request","message":"Request is invalid or incorrect","path":"/server/api/authz/authorizations/search/object"}
[root@eduard config]#

If I manually change the ?uri to uri=https://..., I get the correct API
answer:

https://eduo.osu.cz/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature
    OR
curl 'http://localhost:8080/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature'
{
  "_links" : {
    "self" : {
      "href" : "http://localhost:8080/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin"
    } ... ...


Please, do you have any idea which setting etc. causes the "http:"
in the uri argument, or how to change it to https?


Thank you a lot in advance for any response!

Best!

Matyas F. Bajger

library systems administrator
University of Ostrava - University Library
https://library.osu.eu

DSpace Technical Support

Jul 28, 2023, 10:58:28 AM
to DSpace Technical Support

Hi Matyas,

Check the recommendations there and see if they have any impact.

Tim

Matyas F. Bajger

Jul 31, 2023, 1:31:27 AM
to dspac...@googlegroups.com

Hi Tim!

Thank you very much, you got it! The problem really was the missing HTTP header X-Forwarded-Proto: https, as we use Apache mod_proxy to redirect to both the nodejs and tomcat ports. Adding a rule for this header to httpd.conf solved the issue!

All the best!

Matyas
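
A sketch of the kind of httpd.conf rule described in the reply above, as an added example (not the poster's actual configuration and not DSpace project code). The hostname and the /server to localhost:8080 mapping come from the thread; port 4000 for the Node.js frontend and the certificate paths are assumptions. mod_proxy_http adds X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server on its own but not X-Forwarded-Proto, which is why the host in the generated links was right while the scheme was not.

```apache
# Added example. Requires mod_ssl, mod_proxy, mod_proxy_http and mod_headers.

<VirtualHost *:80>
    ServerName eduo.osu.cz
    # Plain HTTP only redirects; nothing is proxied without TLS.
    Redirect permanent / https://eduo.osu.cz/
</VirtualHost>

<VirtualHost *:443>
    ServerName eduo.osu.cz

    SSLEngine on
    # Placeholder paths (assumption), replace with the real certificate and key.
    SSLCertificateFile    /path/to/certificate.pem
    SSLCertificateKeyFile /path/to/private-key.pem

    # TLS ends at Apache and the hop to Tomcat/Node.js is plain HTTP on
    # localhost, so the backend learns the original scheme only from this
    # header. "set" replaces any value a client sent instead of appending
    # to it, so the backend never sees a client-chosen scheme.
    RequestHeader set X-Forwarded-Proto "https"

    # REST API (Tomcat), as described in the thread.
    ProxyPass        /server http://localhost:8080/server
    ProxyPassReverse /server http://localhost:8080/server

    # User interface (Node.js); port 4000 is an assumption.
    # The more specific /server rule must stay above this catch-all.
    ProxyPass        / http://localhost:4000/
    ProxyPassReverse / http://localhost:4000/
</VirtualHost>
```

After reloading Apache, the uri= value in the frontend's authorization requests should start with https://, matching dspace.server.url.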
