Progress bar not HTTPS compatible

I labored over this for a while today. You're right, the progress bar does not work with HTTPS/SSL. I setup my localhost with a self-signed certificate. Visiting http://localhost/node/add/file works with the progress bar just fine. The exact same page at https://localhost/node/add/file, the progress bar does not work.

I couldn't find any possible resources on getting the PECL uploadprogress extension or APC to work with SSL. I'm guessing it has something to do with the way SSL operates, that such compatibility isn't possible (or not currently supported). I'm not a server-guru though, so I can't claim that I know the reason why it doesn't work, or what to do to get it working.

I attempted to work-around the problem, by submitting the AJAX upload requests via HTTP instead of HTTPS, with the following rewrite rules:

  # Reroute HTTPS upload requests to HTTP for progress bar support.
  <IfModule mod_ssl.c>
    RewriteCond %{HTTPS} =on
    RewriteCond %{QUERY_STRING} filefield/ahah|filefield/progress
    RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI}
  </IfModule>

The worked in rerouting the requests when you visit https://localhost/filefield/ahah, but it didn't do any good, since the the 302 redirect isn't supported by our AHAH library (it just returns an Apache 302 error page).

Well... after some more testing, https suddenly started working. I haven't made any changes that I can find... restarting the server and checking out clean copies, trying in both Safari and Firefox... it still works. I guess it's encouraging to know it can work, but I have no idea what change made it start working.

Yeah, that's the problem, I don't know what changed (nothing as far as I know). The workaround is not necessary. I've set up the site with a self-signed SSL certificate (no password though). So far I don't know what is necessary to make it work. It didn't work at all when I first set it up, then after 30 minutes or so it kicked in, I undid everything I changed and it keeps working (even after several restarts).

I'm using the latest version of filefield and still having this issue... I'm not sure what #5 actually means. Is this ticket fixed, or do I need to upgrade one of my libraries to make it work? Also, I wasn't able to get the workaround in #1 working for me.

@hadsie: Basically the issue with HTTPS and FileField is not actually a bug, you just need to make sure that FileField AJAX requests are done via HTTP instead of HTTPS. #1 is actually a working solution, as far as I know.

Hi there, although this issue is closed: Using the module "Secure Pages" makes it easy to define, that paths like filefield/* (or */autocomplete/* or */ajax/*) should be ignored. So it seems to me that the module somehow offers what is done via some code in #1.
At least it seems to work for me now adding the filefield/* to the "ignore pages" area of the secure pages module...

@All :) We are confirming this challenge with HTTPS and Drupal FileField module. Thanks to Stefan F. for his Discovery to confirming this.

@windm :) Thanks for your workaround in your comment #9 above :) I added it to this general documentation at https://www.drupal.org/node/793264#gen-faq---bar-stuck

We are facing the same challenge. For those not familiar with "Secure Pages" module, it is located at https://www.drupal.org/project/securepages

In other words, windm's workaround is using the securepages module you are able to force specific URL(s)/page(s) to use HTTP instead of HTTPS

@quicksketch :) Thanks for your rewrite rules workaround in your comment #1 above

I added your workaround to this general documentation at https://www.drupal.org/node/793264#gen-faq---bar-stuck