Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-27970

Images URI contains wrong protocol when HTTPS connection goes through Varnish

    XMLWordPrintable

    Details

      Description

      If eZ Publish uses Varnish and additional node for processing SSL connections then images URI contains wrong protocol (http:// instead of https://).

      Environment configuration:

      1. Option 1 (same as customer configuration)
        • haproxy - process SSL connection, "unpacks" it and forward HTTP request to Varnish
        • Varnish - process HTTP request, deliver cached content or if MISS sends request backed
        • Apache2 - vhost for eZ Publish, configured for HTTP connections
      1. Option 2 (created for additional test)
        • Apache2 - vhost for processing HTTPS requests, listen on 443 port, has configured proxy to Varnish. "Unpacks" HTTPS request and forward it to Varnish.
        • Varnish - process HTTP request, deliver cached content or if MISS sends request backed
        • Apache2 - vhost for eZ Publish, configured for HTTP connections

      Steps to reproduce:

      1. Configure environment in accordance with instruction above
      2. Go to https://ip:port of your haproxy/Apache2 (SSL) node
        All images served by the new stack won't be loaded. If you take a look at page source, you can see that every image has URI starting with *http://*.
        Images served by legacy (if any) will be loaded normally because they have relative URIs.

      Additional information:

      1. IORepositoryResolver::getBaseUrl() - in this case returns URL with *http://*
        (https://github.com/ezsystems/ezpublish-kernel-ee/blob/v5.4.10/eZ/Bundle/EzPublishCoreBundle/Imagine/IORepositoryResolver.php#L162-L187). In general, this behavior is correct, because in fact there is HTTP request, but later it is "packed" back to HTTPS by haproxy.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            kamil.madejski@ez.no Kamil Madejski
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: