Bug #35449
closed
https (SSL) for extension images
0%
Description
First thx for ssl secure ter images.
Secure connection for extension-icons in em search.
Only problem is typo3.org is only hoster with a valid SSL certificate.
If backend is SSL with icons must load from typo3.org.
e.g. (i don't know the code ;) )
if(SSL){
$mirror['imageurl'] = "https://typo3.org/fileadmin/"
}
Updated by Georg Ringer about 12 years ago
- Subject changed from https (SSL) for extansion images to https (SSL) for extension images
Updated by Georg Ringer about 12 years ago
https://www.typo3.org/fileadmin/templates/images/logo-tu-clausthal.gif seems to work fine?
Updated by Xaver Maierhofer about 12 years ago
if i have random mirror, i get the image from http://tar.mittenwald or http://typo3.org/fileadmin and no https
Updated by Jigal van Hemert about 12 years ago
- Status changed from New to Needs Feedback
What is the exact problem with the extension icons not being fetched through an SSL connection? It's from a different domain than your backend, so it would not use the same certificate anyway.
Updated by Xaver Maierhofer about 12 years ago
If i have a lot of personal informations in backend to handle and an SSL certificate.
I use this settings:
$TYPO3_CONF_VARS['BE']['lockSSL'] = '1';
$TYPO3_CONF_VARS['BE']['lockSSLPort'] = '443';
And if any source without a ssl certificate is loaded -> the addressbar will turn normal (white).
If you go back to list to handle personal informations the addressbar won't ensure everything is encrypted, because with frames the content (mainframe isn't reloaded).
Updated by Jigal van Hemert about 12 years ago
This requires a change in the mirror list file I'm afraid. There are installation which are limited in the external domains they have access to. In such cases there is a specific mirror selected.
Also, a mirror might have a different host and/or path for secure images (e.g. Twitter has http://a0.twitter.com/... for avatar images and https://si0.twitter.com/... for avatars over SSL). So, we need to add host_ssl and path_ssl to the mirror list.
If a random mirror is used the code should select one of the mirrors which has a secure host/path setting.
First it should be determined if the mirror file can be expanded.
Updated by Alexander Opitz over 10 years ago
- Status changed from Needs Feedback to New
- Is Regression set to No
Updated by Wouter Wolters almost 10 years ago
- Status changed from New to Closed
We do not show a mirror image anymore in the newest Extension Manager. This is obsolete now.