Bug 10944: fix mixed content warnings in opac results and detail with Amazon images on https
It's probably going to become more popular to run Koha in SSL
environments.
Currently on SSL, with Amazon images enabled, a SSL enabled site
will either not show Amazon images (IE, some versions of Firefox?),
or show a warning to users about mixed secure and insecure content
(Firefox, Chrome).
Since we now have the using_https template variable, it makes sense
to use it.
To test:
In each browser you have access to, and preferably with SSL set up
(you can set up a self signed cert for your dev install by following,
more or less, the instructions here:
https://wiki.debian.org/Self-Signed_Certificate)
For the apache config, just copy the one for the OPAC, but set it to
use 443 instead of 80 for the port, and point it to your keys per the
instructions above.
** note that using a self signed cert on your dev install will prompt
you when you connect the first time that OMG I CAN'T VERIFY THIS IS
COOL. You did it yourself, if you can't trust yourself... then who can
you trust?
* Enable Amazon images in the system preferences
* Do a search that you know will have images for, verify that without
SSL
1. the images show
2. the image source is from an Amazon url that uses http://
3. the images are the right size, and look ok
* Do the same using https, verify that with SSL
1. the images show
2. the image source is from an Amazon url that uses https://
3. the images are the right size, and look ok
Clicking on the image should link to the item on Amazon. This patch
also corrects a problem with the Amazon URL used on the images -
it was pointing to a feature that is currently unavailable. That's
fixed here. All you need to check is that it goes to a valid Amazon
endpoint that doesn't show an error.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>