roller-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Raible <>
Subject Re: Absolute URL without scheme prefix
Date Tue, 08 Apr 2014 15:35:40 GMT
I was successful in fixing my base URL by changing it to:

<base href="$absBaseURL.replace('https:', '')" />

Now everything works with both http and https, provided I change iframes
(and other embedded URLs) to use // instead of http://.

I was unable to get "force HTTPs" to work, either by modifying web.xml or

For web.xml, I tried adding the following:

            <web-resource-name>HTTPS resources</web-resource-name>



Once I did this, I was redirected, but to port 8443 instead of 443. To fix
this, I changed tomcat/conf/server.xml to the following:

    <Connector port="8118" protocol="HTTP/1.1"
               redirectPort="443" />

After doing this, I received an infinite loop error in my browser.

Next, I tried modifying security.xml by adding the following:

<intercept-url pattern="/roller-ui/**" requires-channel="https" />

This seems to intercept forwards as well, so when trying to go to the
top-level URL, I was redirected to the following URL and got a infinite
loop error again.

It would be nice to force SSL on the editor pages, but it seems impossible
with the current setup - unless I do it at the Apache level with



On Tue, Apr 8, 2014 at 8:51 AM, Matt Raible <> wrote:

> After further inspection, it looks like it's working fine on your blog.
> I'm guessing this is because you're missing a <base> element, whereas I
> have:
> <base href="" />
> On Tue, Apr 8, 2014 at 8:47 AM, Matt Raible <>wrote:
>> This seems to get me part of the way there - thanks Glen.
>> To enable SSL and have it work for embedded iframes, it looks like I'll
>> have to change <iframe src="http://..."> to <iframe src="//...">.
>> Another thing I noticed is comments XML doesn't load. Is this because I
>> don't have a valid cert on my site? My certificate is for *.
>> - is just a test site. If I use
>> the "https" version of the URL below, it works fine.
>> XMLHttpRequest cannot load
>> No
>> 'Access-Control-Allow-Origin' header is present on the requested resource.
>> Origin '' is therefore not allowed access.
>> On Mon, Apr 7, 2014 at 6:10 PM, Glen Mazza <> wrote:
>>> Hi Matt, I think what I'm doing on my OpenShift blog (http[s]://
>>> could work for you:
>>> 1.) On the blog server administration page, "Absolute URL to site (if
>>> required)" field, I have ""
>>> 2.) I uncommented the <security-constraint/> section at the bottom of
>>> the default web.xml:
>>> roller/trunk/app/src/main/webapp/WEB-INF/web.xml?view=markup
>>> This gives me both https:// and http:// for the blog reader, but only
>>> the former when I'm creating blogs, logging in, etc.
>>> HTH,
>>> Glen
>>> On 4/7/2014 3:56 PM, Matt Raible wrote:
>>>> I'm thinking about making my site accessible over http as well as
>>>> https. One thing I noticed is the absolute URL requires a prefix. I tried
>>>> changing it from "http://" to just "//" (so it uses the same scheme as
>>>> the page) and it fails:
>>>> no protocol: //localhost:8080
>>>>         at<init>(
>>>>         at<init>(
>>>>         at<init>(
>>>>         at org.apache.roller.weblogger.ui.rendering.velocity.
>>>> deprecated.ContextLoader.loadPathValues(
>>>>         at org.apache.roller.weblogger.ui.rendering.velocity.
>>>> deprecated.ContextLoader.setupContext(
>>>>         at org.apache.roller.weblogger.ui.rendering.model.
>>>> ModelLoader.loadOldModels(
>>>>         at org.apache.roller.weblogger.ui.rendering.servlets.
>>>> PageServlet.doGet(
>>>> Is it possible to enhance the "$absBaseURL" macro to allow no prefix?
>>>> I'm using Roller 5.0.3 on Tomcat 7.
>>>> Thanks,
>>>> Matt

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message