docker-ojs icon indicating copy to clipboard operation
docker-ojs copied to clipboard
verified publisher icon pkp

In Azure Web App, css and js doesn't render on HTTPS

Open sergiu017 opened this issue 1 year ago • 1 comments

We're using an Azure Web App resource for hosting OJS with the official image(ojs:lts-3_3 )but we have issues when it comes to rendering the web page over HTTPS. When we use standard http the site renders just fine, but trying to run it in HTTPS throws errors as the requests are being served over HTTP on css and scripts.

This is how the install page looks like when using HTTPS: image

We tried changing up the config.inc.php but nothing seemed to work. Setting the base_url for index/journals throws 500. We also set trust_x_forwarded_for = On as the azure service uses a reverse proxy. By setting force_ssl = On we got an error stating "Too many redirects".

Any ideas how to solve the issue?

sergiu017 avatar Mar 12 '24 16:03 sergiu017

Hi @sergiu017

Sorry for the delay in my answer. Not much time right now to follow the issues of this project.

TL;DR; This is one of the biggests issues I'm trying to deal with since I started this project. We have a workaround, but no solution is still perfect.

The point is OJS is not very smart trying to figure it out what it's own URI, and this is built in different places in different way (core, api, cli...) so I found some combinations that do the job, but you need to dig to find your own.

Nevermind if you set your "force_ssl" or you indicate the protocol in "base_url"... as docker is running in root and without httpS, OJS is stuborn and sometimes don't honor the config variables.

Here you have an issue talking about it.

A solution is making everything httpS (this is the usual recommendation from PKP fellows) but we both know this is far from been ideal.

But if you can't or you don't want it, you still have a couple of solutions.

First one: did you try with: SetEnvIf X-Forwarded-Proto "https" HTTPS=on ? OJS 3.2 included some patches to read X-Forwarded so, from my experience, it works quite fine.

Cheers, m.

marcbria avatar Apr 24 '24 08:04 marcbria

I managed to fix it a few weeks back by forcing everything to run on https.

It's still a suboptimal solution as I have to mess up with the source code.That also means I have to mount a storage for part of the source code so that it's persisted, which is not pretty, but it works.

sergiu017 avatar Apr 27 '24 18:04 sergiu017

I used a "file-volume" in past to make index.php persistent and overwrite some variables, but now that OJS is able to read X-Forward headers, is not required any more.

Adding SetEnvIf X-Forwarded-Proto "https" HTTPS=on didn't help in your case?

Do you mind to share your approach? I'm really commited to find a rock-solid solution without touching the code.

Cheers, m.

marcbria avatar Apr 29 '24 08:04 marcbria

I don't really remember if we tried the approach you mentioned but even if we did, it probably didn't work. I would try it again but we only have the production environment right now and I don't wanna break it. Even by doing that, I would have to make another file mount for the container to change the configuration of the server as changing stuff through ssh doesn't seem to work for some reason(most likely azure related).

Our solution was to overwrite the getProtocol() method in PKPRequest.inc.php so that it always returns https. So we created a file volume for /var/www/html/lib/pkp/classes/core for that single change.

sergiu017 avatar Apr 29 '24 08:04 sergiu017

Thanks a lot for the feedback @sergiu017 In past I also overwrite PKPRequest to force https but then I noticed it's not the only place where the url is built... as OJS it can be called from commanline (upgrades, cron...) or from an API.

Let's see how it works to you. Keeping an eye on this myself too.

Labeling this issue as need more info and closing it. Feel free to open if the issue appears again.

Cheers, m.

marcbria avatar Apr 29 '24 12:04 marcbria