Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

[blocked] Javascript content due to scripts not using relative urls?

  • jleimgruber
  • jleimgruber's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
10 years 1 day ago - 10 years 1 day ago #106418 by jleimgruber
Hello,

I've moved this to the forums from the bugtracker id 8864

I am running LimeSurvey 2.05+ under Apache2 running behind an nginx reverse proxy. The latest issue that has come up can be seen from the Google Chrome Development Console output:

[blocked] The page at ' my.site.com/limesurvey/index.php/admin/globalsettings ' was loaded over HTTPS, but ran insecure content from ' my.site.com/limesurvey/tmp/assets/b0284c...ss/bootstrap.min.css ': this content should also be loaded over HTTPS.

Is there a way to tell LimeSurvey to use use protocol relative urls when referencing scripts? e.g. start with "//" instead of "http(s)://" ?

I'm using a common setup where nginx terminates the SSL connection and proxies via port 80 http upstream to apache2/LimeSurvey.

There might be a clue in function application/helpers/common_helper.php: enforceSSLMode()
$bSSLActive = ((!empty($_SERVER 'HTTPS') && $_SERVER 'HTTPS' != "off")||
(isset($_SERVER 'HTTP_FORWARDED_PROTO') && $_SERVER 'HTTP_FORWARDED_PROTO'=="https")||
(isset($_SERVER 'HTTP_X_FORWARDED_PROTO' ) && $_SERVER 'HTTP_X_FORWARDED_PROTO'=="https"));

So possibly I need to set HTTP_X_FORWARDED_PROTO to 'https' ?

nginx rewrites incoming http to http:
server {
server_name *.mysite.com mysite.com;
listen 80;
listen [::]:80 ipv6only=on;
## redirect all incoming http to https ##
rewrite ^ https://$host$request_uri permanent;
}

nginx listens for https on port 443 in the proxy config file:
location @limesurvey {
proxy_pass http://$service;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Host $server_name;
}

I'm using the default setting from config-defaults.php: $config 'force_ssl' = ''

Thanks for any tips!
Last edit: 10 years 1 day ago by jleimgruber. Reason: braces gobbling text
The topic has been locked.
  • jleimgruber
  • jleimgruber's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
10 years 1 day ago #106419 by jleimgruber
SOLVED!

It works if I set this in the nginx config:

proxy_set_header X-Forwarded-Proto https;
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose