Closed ldonnet closed 6 years ago
I try your demo and use https and not http it seems to work : https://murmuring-lowlands-1342.herokuapp.com/ Do you think it's possible that new commits lead to this bug?
The culprit could be breach-mitigation-rails gem. It adds for every https response in text/html a comment :
{"image":{"url":"https://.../myfile.png"}}
<!-- This is a random-length HTML comment: wxtyykqqulygunbngkintdjpueycxxeponvdjeywomfxihtwrpvqgqlqcyhpjmjcctgrjstvzahxtdudwpfqyojbrmomsllolygonphoatybpoqvdcnjjyckthzofbtfhognohehtasfbwjxhoyhszygjffbhfwfedrkrxhgzstdmhnzewdhrmkcaqejfoekeuehdqxmeyprdvzsvtujfxhksplwvljbtoxwpuqzzchufgvzdaqivdnzurvmznytdhyozopxipubrdpknfabofiwkyadezwdprckbfhqvanjbcbzzuctslbeszkbazhsumyyblnroxfijavypxbnwgfgtmllxwhoeqfidulsyhzhmfmawmikefziuadeaczajorlmqqljfikekenrvfgmbyaklkwssgbwomubdkpvwdbvvpgfjiblurystapkrjvokrivemkapnejkwmgasqdwsekjyoxqgbtdowkzzfvsanrdlpgxluhpuwarhwuemfqahvtwpjsbottznxhqclmelawouqttfawgieotqtdawnnkjkllwimogrkxazuejywoowwrrpyllhwafrubhlwooovxtkiwrllysvdcfgfawmqtjgunwjlmyijphbbiivlgnakmjmcruysaowjjdkznwvpxxcrexxdgzpivldlolcjnzebrmbgzcchysqdfkqzdnxpnfyfalstbunzvvgoznbotjynpivasgittwprguvskshlcathmmqdamfy -->
Why must you use content_type: "text/html" in your json response?
I'm guessing breach-mitigation-rails gem is the "problem" in this case. The real issue is that we have to use text/html and not something more sensible.
I think, if I remember correctly, that earlier versions of Internet Explorer (at least 8 and 9) refused to work with anything other than text/html, trying to download the JSON instead of passing it to the script.
EDIT: Yes, that was the problem.
Anyone have a solution to the https problem?
The HTTPS is not the problem itself but the breach-mitigation-rails that is messing (as it should) with the text/html responses.
Maybe you can try text/plain response instead, I don't know.
Follow #7 for more on this.
Hi,
It's a bit complicated because I don't know if the bug come from this gem or from the javascript library. I use your last version 4.X and when I want to upload image on my https site it fails. However just few days ago I have no problem without https. Perhaps the problem come from the use of http in the url for picture.
Do you have any clues on this behaviour or other people with same problem? Thanks for your time and your work!
Image in app/models :
TinymceAssetsController in app/controllers
Best Regards Luc Donnet