Let me preface this by saying I may be missing something obvious =)
In my experience turning on SSL breaks parts of TinyMCE in the backend.
Most (maybe all) of the TinyMCE popups, add link, edit html, etc..,
reference /asset_proxy/ which is not in the list of SSL prefixes. As a
result if the admin is served over SSL, the default behavior when ssl is
enabled, those popups no longer work.
An easy workaround is to add /asset_proxy/ to the SSL prefixes, but this
then breaks TinyMCE inline editing, via the editable tag, on any frontend
page that isn't served over SSL. On those pages /asset_proxy/ is initially
referenced without SSL but then redirected to the secure version, the
redirect breaks the popup.
My suggestion is that the Mezzanine SSLRedirectMiddleware also check a list
of prefixes that should be accessible securely or non securely, i.e. never
redirected. By default I think those would be:
('/asset_proxy/', '/displayable_links.js')
Am I missing something? If not and my suggestion sounds like a good idea I
will put together a pull request.
Thanks!
--
You received this message because you are subscribed to the Google Groups
"Mezzanine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to mezzanine-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
