Uploaded image for project: 'Openmeetings'
  1. Openmeetings
  2. OPENMEETINGS-1481

redirect http from moodle3 plugin

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Not A Problem
    • 3.1.2
    • None
    • Plugins
    • None
    • Debian jessie, openmeetings 3.1.2 cluster configuration three servers
      Openmeetings 3.1.2 https proxyed with lighttpd
      Openmeetings 5080 port is listen localhost

    Description

      Hi,
      We've redirected 443 port and protocol https to 5080 port in localhost. We've used lighttpd proxy module and the openmeeting is running ok (http headers include X-Forwarded-For and X-Forwarded-Proto).
      We are using moodle integration with openmeetings with https protocol and 443 port.
      When we try go into room from moodle, browser request:

      /GET /openmeetings/swf?&secureHash=b43151fb-de26-45e0-b833-d74565dcad13&scopeRoomId=11&language=8 HTTP/1.0
      Host: cvom.unex.es
      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:48.0) Gecko/20100101 Firefox/48.0
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
      Accept-Encoding: gzip, deflate, br
      Referer: https://xxx.com/zonauex/evuex/mod/openmeetings/view.php?id=321072
      Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxx
      Upgrade-Insecure-Requests: 1
      X-Forwarded-For: 158.49.197.173
      X-Host: xxx.com
      X-Forwarded-Proto: https

      And openmeeting response redirect to http:

      Server: Apache-Coyote/1.1
      Set-Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      Path=/openmeetings/; HttpOnly
      Date: Fri, 30 Sep 2016 08:20:48 GMT
      Expires: Thu, 01 Jan 1970 00:00:00 GMT
      Pragma: no-cache
      Cache-Control: no-cache, no-store
      Location: http://xxx.com/openmeetings/swf?secureHash=b43151fb-de26-45e0-b833-d74565dcad13&scopeRoomId=11&language=8&protocol=https&host=xxx.com&port=443&context=openmeetings
      Content-Length: 0
      Connection: close

      I've found this old ticket: https://mail-archives.apache.org/mod_mbox/openmeetings-user/201507.mbox/%3CBLU436-SMTP207B0A2B5185C994D8BB9C4D49F0@phx.gbl%3E
      is related to same problem, but the patch is applied from version 3.0.7 so I don't know is the same problem.

      This problem blocks room access when users are using recent browsers, though they disable https protection.

      Thanks by advance

      Attachments

        Activity

          People

            solomax Maxim Solodovnik
            arduran Arturo Durán Domínguez
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: