Moodle
  1. Moodle
  2. MDL-29740

HTTPS for login problem in images in auth_instructions

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Duplicate
    • Affects Version/s: 2.1.1
    • Fix Version/s: None
    • Component/s: Administration
    • Labels:
      None
    • Database:
      MySQL
    • Affected Branches:
      MOODLE_21_STABLE
    • Rank:
      19257

      Description

      When there are images in auth_instructions and Use HTTPS for logins in enabled then both secure and unsecure content exists in the same page. This have issues for Windows Xp users with IE. Is there a way to convert all http urls to https so that all content is secure in login page?

        Activity

        Hide
        Mart Mangus added a comment - - edited

        Similar problem occurs when all site is running on HTTPS and the setting "Use HTTPS for logins" (loginhttps) is not set. Then the reCAPTCHA image is loaded with HTTP and some browsers don't like that.

        Choosing the "Use HTTPS for logins" fixes this one.

        True, the text under this setting is confusing:

        Turning this on will make Moodle use a secure https connection just for the login page (providing a secure login), and then afterwards revert back to the normal http URL for general speed.

        – like the ohter site would switch to HTTP if I choose this (even when all site is running on HTTPS). Actually it does not.

        Show
        Mart Mangus added a comment - - edited Similar problem occurs when all site is running on HTTPS and the setting "Use HTTPS for logins" (loginhttps) is not set. Then the reCAPTCHA image is loaded with HTTP and some browsers don't like that. Choosing the "Use HTTPS for logins" fixes this one. True, the text under this setting is confusing: Turning this on will make Moodle use a secure https connection just for the login page (providing a secure login), and then afterwards revert back to the normal http URL for general speed. – like the ohter site would switch to HTTP if I choose this (even when all site is running on HTTPS). Actually it does not.
        Hide
        Christos Rodosthenous added a comment -

        The problem with mixed content in a page, is that browsers deal this in different ways.
        For instance IE (not sure which versions) in Windows Xp (Yes this OS still exists) shows a dialog box for viewing secure content and users get really confused.

        Firefox is way cooler, it just shows the page (in default setup)

        Show
        Christos Rodosthenous added a comment - The problem with mixed content in a page, is that browsers deal this in different ways. For instance IE (not sure which versions) in Windows Xp (Yes this OS still exists) shows a dialog box for viewing secure content and users get really confused. Firefox is way cooler, it just shows the page (in default setup)
        Hide
        Rajesh Taneja added a comment -

        Hello Christos,

        I was going though the old backlog and it seems this issue has been fixed by MDL-27364.

        Can you please check and let us know if you still have this issue.

        Show
        Rajesh Taneja added a comment - Hello Christos, I was going though the old backlog and it seems this issue has been fixed by MDL-27364. Can you please check and let us know if you still have this issue.
        Hide
        Rajesh Taneja added a comment -

        Hello Christos,

        As I have not heard from you, I'm assuming this issue has been fixed by MDL-27364.

        Will keep watching this space, in case you have something to add.

        Show
        Rajesh Taneja added a comment - Hello Christos, As I have not heard from you, I'm assuming this issue has been fixed by MDL-27364. Will keep watching this space, in case you have something to add.

          People

          • Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: