asset_proxy url for source editor generated with HTTP (should be https)

[Brad Bode]

Mezzanine is humming along on AWS with a load balancer, ssl, RDS, etc... I've learned a lot, but now I am hoping someone has the answer here. 

For whatever reason the "asset_proxy" is using HTTP not HTTPS. The problem ONLY seems to occur when I click on the HTML editor in a rich text page. The URL for Tiny MCE is generated as follows:

http://www.myurl.com/asset_proxy/?u=https://s3.amazonaws.com/mybucket.com/static/grappelli/tinymce/jscripts/tiny_mce/themes/advanced/source_editor.htm

Note that the protocol is HTTP, not HTTPS so the browser complains and never loads it in the background. I've searched the web and found that others have had this issue, but mostly with NGINX and or there wasn't a clear answer. In addition, most of the answers were old. 

All other URL's are generating fine. How is the asset_proxy URL generated and why is it used?

Thanks,

Brad

[Brad Bode]

Is the purpose of the asset proxy to load files that are not on the same domain (from a CDN) so that Tiny MCE works? It seems that way to me. 

What I haven't figured out yet is where the asset_proxy url is inserted! The HTTPS needs to be entered, not HTTP

Any help?

[Brad Bode]

So this is particular to using Amazon S3 and boto "ProtocolIndependentOrdinaryCallingFormat". 

When you are using a ProtocolIndependentOrdinaryCallingFormat the URL's for resources are constructed without a protocol (http or https). 

For instance,

'//s3.amazonaws.com/martialmoves.com/static/js/bootstrap.js'

Note that there is no HTTP or HTTPS indicator. Which means TInyMCE assumes it's HTTP when constructing the resource URL for the Source Editor. Since this is done in javascript it makes it very difficult to correct. 

However, if you do not use the ProtocolIndependentOrdinaryCallingFormat other aspects of the software do not work. I'll be poking into it more, but it's certainly an issue if using boto.

[Brad Bode]

It turns out I made a mistake. Not being completely aware of how Tiny MCE works, I didn't put the 'asset_proxy" into the SSL_FORCE_URL_PREFIXES. 

So, if you want to make sure the Tiny MCE source editor works over SSL, ensure that you have setup Mezzanine to use SSL for any asset_proxy url. The setting to secure admin, accounts, and the asset_proxy is as follows:

SSL_FORCE_URL_PREFIXES = ('/admin', '/account', '/asset_proxy')

I hope this helps someone else.