HTTPS and Theme

misilot · August 26, 2020, 9:28pm

Hello,

I have https working for both the studio and lms sites on juniper. However, I have noticed that I am getting content being served as http:// for example the organization logo.

The generated code is:

<div class="wrapper-logo">
     <p>
       <a href="/">
         <img alt="organization logo" src="http://online.server.org/static/new-theme/images/logo.90b48884ee5a.png">
       </a>
     </p>
</div>

Where in the template the footer.html includes the following

   <div class="wrapper-logo">
     <p>
       <a href="/">
         ## The default logo is a placeholder.
         ## You can either replace this link entirely or update
         ## the FOOTER_ORGANIZATION_IMAGE in Django settings.
         ## If you customize FOOTER_ORGANIZATION_IMAGE, then the image
         ## can be included in the footer on other sites
         ## (e.g. a blog or marketing front-end) to provide a consistent
         ## user experience.  See the branding app for details.
         <img alt="organization logo" src="${footer['logo_image']}">
       </a>
     </p>
   </div>

So not sure if there is a configuration flag I can set in lms.env.json/lms.yml files to say this site is HTTPS so when ${footer[‘logo_image’]} is compiled it is run with http instead of https.

Thank you!

misilot · August 28, 2020, 4:31am

Just putting these here. I had to enable the following:

I set these values and it works now with any mixed content errors.

NGINX_REDIRECT_TO_HTTPS: True
NGINX_HTTPS_REDIRECT_STRATEGY: "scheme"
NGINX_SET_X_FORWARDED_HEADERS: True

Once I did this, the urls were generated with https.

Tom

kike.ramirez · November 2, 2020, 12:47am

How did you make https works for studio? I need to do that but don’t know how.

I’ll appreciate some guidance if you can.

Thanks in advance,

misilot · November 10, 2020, 6:54pm

Below is some of the variables I have in server-vars.yml that I believe influence getting HTTPS working with nginx.

EDXAPP_LMS_BASE: "dev.online.example.org"
EDXAPP_CMS_BASE: "dev-studio.online.example.org"
EDXAPP_PREVIEW_LMS_BASE: "dev-preview.online.example.org"
CMS_HOSTNAME: '~^((stage|prod|dev)-)?studio.*'
EDXAPP_SESSION_COOKIE_DOMAIN: ".{{ EDXAPP_LMS_BASE }}"
EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_NAME: "csrf-cookie-{{ EDXAPP_LMS_BASE }}"
EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: ".{{ EDXAPP_LMS_BASE }}"
EDXAPP_LOGIN_REDIRECT_WHITELIST:
  - "{{ EDXAPP_CMS_BASE }}"
EDXAPP_SESSION_COOKIE_SECURE: true
EDXAPP_CSRF_COOKIE_SECURE: true
# NGINX settings:
NGINX_ENABLE_SSL: True
NGINX_REDIRECT_TO_HTTPS: True
# This variable is only checked if NGINX_REDIRECT_TO_HTTPS is true
# It should be set to one of !!null, "scheme" or "forward_for_proto"
NGINX_HTTPS_REDIRECT_STRATEGY: "scheme"
NGINX_SET_X_FORWARDED_HEADERS: True

NGINX_SSL_CERTIFICATE: "/klib/conf/ssl/online.example.org-fullchain.crt"
NGINX_SSL_KEY: "/klib/conf/ssl/online.example.org.pem"
EDXAPP_LMS_SSL_NGINX_PORT: 443
EDXAPP_CMS_SSL_NGINX_PORT: 443
EDXAPP_LMS_NGINX_PORT: 80
EDXAPP_CMS_NGINX_PORT: 80

Topic		Replies	Views
LTI with Google Chrome (iframe), Juniper and HTTPS via Nginx Site Operations Help	2	634	September 3, 2020
Javascript error after updating the theme Design how-to , juniper , theming	1	824	January 17, 2021
Setting up a subdomain for the studio cms in the juniper.2 release Site Operations Help juniper	4	2138	November 22, 2020
Oauth2 not working Site Operations Help online , how-to , ecommerce , juniper	7	2333	December 17, 2020
Using Juniper.1 in production Site Operators how-to , juniper , theming	1	539	June 26, 2020

HTTPS and Theme

Related Topics