From 40b9645bf6d822e7e1895587b44889c193af14ac Mon Sep 17 00:00:00 2001 From: Oliver Bock Date: Mon, 30 May 2016 07:35:26 +0000 Subject: [PATCH] Bug 16615: Open Library API fails for full-site-SSL When running Koha in a full-site-SSL configuration accessing external resouces like Open Library cover images via HTTP doesn't work (mixed SSL/non-SSL content). It thus breaks a core feature of Koha. Referencing such resources always via HTTPS resolves the problem and also enhances privacy as a side-effect. Previous tickets took care of Amazon resources. This ticket is supposed to address the remaining external resource providers, starting with Open Library. TEST PLAN --------- 1) Over https access your OPAC with the Enhanced Content system preferences 'OpenLibraryCovers' set to 'Add', and 'OpenLibrarySearch' set to 'Show'. 2) Search for something (e.g. Mo Willems) -- Your browser console log will show messages about mixed content. 3) Apply the patch 4) Making sure to reload the java script, attempt steps 1 & 2 again. -- no mixed content messages should be given 5) run koha qa test tools Signed-off-by: Mark Tompsett Signed-off-by: Jonathan Druart Signed-off-by: Kyle M Hall --- koha-tmpl/opac-tmpl/bootstrap/js/openlibrary.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/koha-tmpl/opac-tmpl/bootstrap/js/openlibrary.js b/koha-tmpl/opac-tmpl/bootstrap/js/openlibrary.js index 318576a468..871dad139e 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/js/openlibrary.js +++ b/koha-tmpl/opac-tmpl/bootstrap/js/openlibrary.js @@ -25,7 +25,7 @@ KOHA.OpenLibrary = new function() { var scriptElement = document.createElement("script"); scriptElement.setAttribute("id", "jsonScript"); scriptElement.setAttribute("src", - "http://openlibrary.org/api/books?bibkeys=" + escape(bibkeys) + + "https://openlibrary.org/api/books?bibkeys=" + escape(bibkeys) + "&callback=KOHA.OpenLibrary.olCallBack&jscmd=data"); scriptElement.setAttribute("type", "text/javascript"); document.documentElement.firstChild.appendChild(scriptElement); -- 2.39.5