Patch #18911
closed
check Setting.protocol when determining gravatar protocol
0%
Description
proposed change is in line 1235 of app/helpers/application_helper.rb
instead:
options.merge!({:ssl => (request && request.ssl?), :default => Setting.gravatar_default})
change to:
options.merge!({:ssl => ((Setting.protocol == 'https') || (request && request.ssl?)), :default => Setting.gravatar_default})
without that when Redmine is behind reverse proxy that do SSL gravatar links are generated as http (when everywhere else is https as expected after Setting.protocol is changed to 'https')
Related issues
Updated by Toshi MARUYAMA almost 10 years ago
- Related to Defect #9365: Gravatar don't utilize HTTPS added
Updated by Toshi MARUYAMA almost 10 years ago
- Status changed from New to Needs feedback
Similar change was refused at #9365.
Updated by Maciej Liżewski almost 10 years ago
OK... That is also acceptable solution.
I did not know about it (using http header) and I did not find it when I was looking for solution - maybe resolution of this issue could be only updating docs to point that out? (somewhere near the description of Settings protocol flag).
BTW - what is the reason for having this "protocol" setting? Does Redmine use it only when generating email messages?
Updated by Go MAEDA almost 9 years ago
- Related to Defect #21855: Gravatar get images over http instead https added
Updated by Go MAEDA over 8 years ago
- Status changed from Needs feedback to Closed
This issue have been resolved by #21855 (will be available as of Redmine 3.3.0).