[Systems] [SOLVED] Wiki Cpatcha Mixed Content
scanterog at gmail.com
Tue Dec 8 17:46:59 EST 2015
Great Sam P! Good Job! Thanks!
On Tue, Dec 8, 2015 at 1:12 PM, Bernie Innocenti <bernie at codewiz.org> wrote:
> On 12/08/2015 04:50 AM, Sam P. wrote:
> > Hi All,
> > I've seen 2 reports today from different people. Both said that the
> > they were editing pages and tried to save. Then it asked them for a
> > capacha. The capacha did not show.
> > It resulted in a mixed content warning, from irc "Mixed Content: The
> > page at
> > 'https://wiki.sugarlabs.org/index.php?title=User:Vipulroxx&action=submit'
> > loaded over HTTPS, but requested an insecure script
> > '
> > This request has been blocked; the content must be served over HTTPS.
> > Uncaught"
> > I didn't test over http, because the wiki now forces https (good thing!).
> > I edited extensions/ConfirmEdit/ReCaptcha.class.php. It has a $useHttps
> > variable which I just forced to be true. There is probably a better
> > fix, but I can't think right now sorry. I'll have a look again later.
> Thanks for the fix. I checked the code, and it seems odd that the check
> didn't work on its own:
> $useHttps = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on');
> We're running ancient versions of Apache (2.2.14) and php (5.3.2).
> Extension developers probably don't test their code against these any more.
> We should look into moving the wiki to a container and / or upgrade
> ubuntu on sunjammer. I could do the upgrade over the christmas / new
> year holidays if an FSF sysadmin pledges to be around in case the
> machine becomes unbootable. We probably have console access to
> sunjammer, but I don't remember how to get to it.
> _ // Bernie Innocenti
> \X/ http://codewiz.org
> Systems mailing list
> Systems at lists.sugarlabs.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Systems