Joomla! Issue Tracker | Joomla! CMS #8970 - Install over SSL fails: Blocked loading mixed active content

Closed
24 Jan 2016
Medium
Build: master
# 8970

itoffshore
23 Jan 2016

Trying to install over ssl in Firefox 43.0.4 fails with:

Blocked loading mixed active content

This is similar to this issue with how jquery.min.js (line 5, col 25377) is called.

The specific code that fails is:

<!--[if lt IE 9]>
            <script src="../media/jui/js/html5.js"></script>
        <![endif]-->
        <script type="text/javascript">
            jQuery(function()
            {   // Delay instantiation after document.formvalidation and other dependencies loaded
                window.setTimeout(function(){
                    window.Install = new Installation('container-installation', 'http://mydomain.com/installation/index.php');
                }, 500);

            });
</script>

itoffshore - open - 23 Jan 2016

itoffshore - comment - 23 Jan 2016

This issue is caused by installing joomla through a reverse proxy with ssl terminating on the proxy & not making use of X-Forwarded-Proto in the backend.

itoffshore - change - 24 Jan 2016

Status	New	⇒	Closed
Closed_Date	0000-00-00 00:00:00	⇒	2016-01-24 11:52:28
Closed_By		⇒	itoffshore

itoffshore - close - 24 Jan 2016

brianteeman - close - 24 Jan 2016

brianteeman - change - 22 Apr 2016

Labels

Added: ?

SatWiz - comment - 22 May 2016

Even with a "X-Forwarded-Proto https" rule in Haproxy makes a new installation over SSL fails for Joomla 3.5.1. Any suggestions to get it work?

mrfreezer - comment - 22 May 2016

haha satwiz thats exactly the same problem i was having...

honestly i was thinking about posting a rather "not nice" comment about that pretty smartassy answer but i felt like i had better things to do ^^

anyways. i am having the same problem, haproxy 1.6.5, openssl 1.0.2, nginx 1.9.5 and TADAAAA html/2 enabled.

i don't know if you are using html/2 as well, @SatWiz but in this case the problem is that haproxy doesn't proxy http/2 connections on level7 but on level4 and therefore does not inject the x-forwarded headers.

SatWiz - comment - 23 May 2016

nginx version: nginx/1.9.10
HA-Proxy version 1.6.4

OpenSSL 1.0.1k

Hypertext Transfer Protocol
GET / HTTP/1.1\r\n
[Expert Info (Chat/Sequence): GET / HTTP/1.1\r\n]
[GET / HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: /
Request Version: HTTP/1.1
Host: xxxxxxxx.nl\r\n
Cache-Control: max-age=0\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8\r\n
Upgrade-Insecure-Requests: 1\r\n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36\r\n
Accept-Encoding: gzip, deflate, sdch\r\n
Accept-Language: en-US,en;q=0.8,nl;q=0.6\r\n
Cookie: xxxxx436570de83b8b4670a5f558=d693mn39r43efn9b88etqdtd71; xxxxxe8d1506717c69c943ed7b14ef6=s1tp0gd2bc49mua0k4khj5n1j4\r\n
Cookie pair: xxxxxxx436570de83b8b4670a5f558=d693mn39r43efn9b88etqdtd71
Cookie pair: xxxxxxxe8d1506717c69c943ed7b14ef6=s1tp0gd2bc49mua0k4khj5n1j4
X-Client-IP: 83.xxx.xxx.177\r\n
X-Forwarded-Port: 443\r\n
X-Forwarded-Proto: https\r\n
Connection: close\r\n
\r\n
[Full request URI: http://xxxxxxxx.nl/]
[HTTP request 1/1]

SatWiz - comment - 23 May 2016

I think this issue should be opened and solved by the Joomla team?

Add a Comment

Older
Newer

Joomla! Issue Tracker - CMS

[#8970] - Install over SSL fails: Blocked loading mixed active content

OpenSSL 1.0.1k

Add a Comment