flatpress
flatpress copied to clipboard
flatpressblog
theme issues with https site
In case anyone else has this issue. If you run your site on docker and probably kubermetes containers you likely run internal on http and external (load balancer) on https. Flatpress does not pull up any theme like this. So unless there is something more elegant to fix this here is a quick hacky diff in defaults.php to work around it. Probably should detect serverport from the config file not from PHP.
> diff flatpress-1.2.1/defaults.php ../web/defaults.php
118c118,119
< if (isset($_SERVER ['HTTPS'])) {
---
> $serverport = "https://";
> if ($serverport == 'https://') {
121c122
< $serverport = "false";
---
>
123,125c124
< if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) {
< $serverport = "https://";
< // Uses a secure connection (HTTPS) if possible
---
> if ($serverport == 'https://') {
127,128d125
< } else {
< $serverport = "http://";
Hi @rrossouw01 - I ran into the exact same problem. Not with docker, but with apache2 as reverse proxy and ssl terminator and a little arm box running flatpress on armbian on it. In my setup I workarounded this with giving the apache server on the armbox an snakeoil ssl cert , so the reverse proxy can talk via https with its backend. Far away from a good solution :D
When I remember right, in the actual master branch (1.3-dev ) I saw a fix for this problem in the commits? I can search later on for this, maybe i find it , if i saw it right. :)
@rrossouw01 @DeltaLima Thanks for reporting and testing! Is this still reproducable with our current 1.3.1 Branch?
1.3.1 did not work for me. from Maintain > Updates You have FlatPress version 1.3 ...
diff below. same change as before.
diff defaults.php /tmp/defaults.1.3.1.php
127d126
< $serverport = "https://";
131c130
< //$serverport = "false";
---
> $serverport = "false";
136c135
< /*if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) {
---
> if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) {
140c139
< }*/
---
> }
not sure this is much better but I tried instead of above to just set scheme (you have $serverport) to whatever the config is.
$ diff defaults.php /tmp/defaults.1.3.1.php
131d130
<
136,140c135
<
< $configs = include(CONFIG_FILE);
< $url = $fp_config ['general'] ['www'];
< $serverport = parse_url($url, PHP_URL_SCHEME) . "://";
< /*if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) {
---
> if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) {
144c139
< }*/
---
> }
Hello @rrossouw01,
Many thanks for your feedback. What output do you get in current 1.3.1 branch if you insert
@ini_set('display_errors', 'on');
@error_reporting(E_ALL);
var_dump($_SERVER ['HTTPS']);
var_dump($serverport);
in the line below line 192?
Can you please replace lines 189 to 191 with https://github.com/flatpressblog/flatpress/blob/ba890f33c6981e7e9171d849f6fef9bcbbcf17f9/defaults.php#L189
function is_https() {
return (!empty($_SERVER ['HTTPS']) && $_SERVER ['HTTPS'] != 'off' or $_SERVER ['SERVER_PORT'] == 443);
}
@ini_set('display_errors', 'on');
@error_reporting(E_ALL);
var_dump($_SERVER ['HTTPS']);
var_dump($serverport);
With best regards Frank
$_SERVER['HTTPS'] is not set. so returns NULL and for $serverport returned http://
Warning: Undefined array key "HTTPS" in /var/www/html/defaults.php on line 180
NULL string(7) "http://"
Deprecated: Optional parameter $from declared before required parameter $message is implicitly treated as a required parameter in /var/www/html/fp-includes/core/core.utils.php on line 290
...<deleted some session warnings>
With both?
return (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on'));
and also:
return (!empty($_SERVER ['HTTPS']) && $_SERVER['HTTPS'] != 'off' or $_SERVER ['SERVER_PORT'] == 443);
?
I copied defaults.php from the repo and tweaked the function a little for my scenario. keep in mind I have not used php in almost 15 years so not good code here just demonstrating what works for me:
function is_https() {
$configs = include(CONFIG_FILE);
$url = $fp_config ['general'] ['www'];
$config_schema = parse_url($url, PHP_URL_SCHEME);
# running on http behind a load balancer with a certificate (offloaded). k8s/traefik etc
# themes need https which is I derive from the config file but server is actually on http.
//var_dump($config_schema);
//var_dump($_SERVER);
$server_scheme = explode("/", $_SERVER['SERVER_PROTOCOL']);
if ($config_schema == 'https' && $server_scheme[0] == 'HTTP' ) {
return True;
} else {
return (!empty($_SERVER ['HTTPS']) && $_SERVER ['HTTPS'] != 'off' or $_SERVER ['SERVER_PORT'] == 443);
}
}
With both?
return (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on'));and also:
return (!empty($_SERVER ['HTTPS']) && $_SERVER['HTTPS'] != 'off' or $_SERVER ['SERVER_PORT'] == 443);?
not sure I understood what you asked. I have to move on to my job now. I can test tonight if you want me to plug anything into the defaults.php.
@azett Apparently a load balancer $_SERVER ['HTTPS'] is not defined here. Can you please check the execution of @rrossouw01?
@rrossouw01 I will test your variant. Unfortunately, I do not have an environment with a load balancer available for testing.
Thank you in advance for testing. With best regards Frank
That did not work for me. I did a slightly more simple version as shown below. I assume that we can always say if $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' it is an LB/PROXY or variant of it. And in my case if local server is NOT https then we should have $serverport true or your function return isHttp as True.
function is_https() { if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' && $_SERVER ['SERVER_PORT'] != 443) { return True; } else { return ( !empty($_SERVER ['HTTPS']) && $_SERVER['HTTPS'] != 'off' or $_SERVER ['SERVER_PORT'] == 443 ); } }
From: Frank Hochmuth @.> Sent: Monday, April 22, 2024 3:19 PM To: flatpressblog/flatpress @.> Cc: Riaan Rossouw @.>; Mention @.> Subject: Re: [flatpressblog/flatpress] theme issues with https site (Issue #251)
@azetthttps://github.com/azett Apparently a load balancer $_SERVER ['HTTPS'] is not defined here.
@rrossouw01https://github.com/rrossouw01 I will test your variant. Unfortunately, I don't have a load balancer available for testing.
If you have time this evening, please replace lines 189 to 191 as follows:
function is_https() { //return (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')); return (!empty($_SERVER ['HTTPS']) && $_SERVER['HTTPS'] != 'off' or $_SERVER ['SERVER_PORT'] == 443); }
Then check if there are still theme problems. With best regards Frank
— Reply to this email directly, view it on GitHubhttps://github.com/flatpressblog/flatpress/issues/251#issuecomment-2070881739, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AL4RLPF3WRMQX3YVRW4V2VTY6VWFXAVCNFSM6AAAAAA2AR2XEWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANZQHA4DCNZTHE. You are receiving this because you were mentioned.
T
Thank you all for testing and fixing! I put it all together in the issue371_httphttps branch. Can you please perform a final test with the latest version of that branch? If all works fine, this will be released as FlatPress 1.3.1. Thanks a lot!
Hello everyone,
I take the liberty of closing this issue with pleasure https://github.com/flatpressblog/flatpress/issues/371#issuecomment-2081504366. @rrossouw01, please check the master branch to see if the setup problem is still reproducible. We may have to create a new issue for this.
Note: The issue371_httphttps branch has Smarty version 4.3.1, the master branch 4.4.1 (e544ed6). If the path specification in the defaults.php file does not match Smarty, it will lead to a white page during setup.
https://github.com/flatpressblog/flatpress/blob/b9b3dd50b6823024b51b2cd38aa2ce229bb77da3/defaults.php#L71
Have a good start into the new week With best regards Frank