Imagecache does not respect https secure SSL links
| Project: | ImageCache |
| Version: | 6.x-2.0-beta9 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
There's an issue with imagecache that if you run your website under SSL, imagecache still creates absolute URL's using http:// . This causes warnings in browsers like IE6 about insecure content. Yes, I know that IE is lame and probably shouldn't be complaining, but I feel that imagecache if it's going to provide absolute URL's should at least respect and create HTTPS urls.
The problem comes in the funciton imagecache_create_url in which absolute => "TRUE" gets passed. Not sure why this is going on, but I bet it's a hack so that imagecache will work in the exceptional cases where a full URL is required. Well this work around for that bug, creates the https:// bug and we should resolve this as well.
This is important to me as I will lose sales from stupid people using IE in my stores from these warnings.
#1
Please comment the base URL in the settings.php file. (sites/default/settings.php). This will help imagecache to recognize http or https and will generate URLs on that basis. Hope this helps to resolve the issue.
#2
I don't think this fixes the issue. If I set base_url to https:// it will set all my imagecaches to https:// even when I'm browsing on http://
I think what should happen is imagecache should figure out which protocol we're surfing on and appropriately set http:// or https:// accordingly.
I host the same mirror of my site with http and https and I use the secure pages module to bounce my users between http & https depending if that page should be secure or not (credit cards, user login) , but imagecache will always give me http links based on how it currently works.
#3
You could write a little check in your settings.php to see if it's an SSL request or not, and set $base_url accordingly. I haven't tested it, but maybe try something like this:
if (!empty($_SERVER['HTTPS'])) {$base_url = 'https://' . $_SERVER['HTTP_HOST'];
}
#4
Quite sure this is actually related to --> http://drupal.org/node/597432
#5
j0rd,
Have you manage to find a fix for this? I have problems with imagecache breaking my secure pages as well.
Have tried #3 and the patch from the link of #4, both haven't helped fixing the problem.
Help is greatly appreciated!
Cheers
#6
Found a solution to my imagecached images causing problems
My secure pages setup:
- enabled
- checked: Switch back to http pages when there are no matches
- Non-secure Base URL: (nothing)
- Secure Base URL: (nothing)
- checked: Make secure only the listed pages.
- pages: (the pages you want secured)
- Ignore pages:
*/autocomplete/*
*/ajax/*
*/imagecache/*
Special attention for */imagecache/*
This worked for me!
Cheers