link changes from https to http

mmisw / orr

ORR - Ontology Registry & Repository integrated system

Apache License 2.0

13 stars 5 forks source link

link changes from https to http #5

Closed fgayanilo closed 3 months ago

fgayanilo commented 5 years ago

If you visit https://mmisw.org/ont/cf/parameter and search (for example), 'latitude', the links are in http but the hyperlinks are in https. This link 'https://mmisw.org/ont/cf/parameter/latitude' will throw an error (IRI not found) but not if you manually change it to http://mmisw.org/ont/cf/parameter/latitude

carueda commented 5 years ago

Thanks for reporting this issue:

Yes, the hyperlink here:

should be:

https://mmisw.org/ont?iri=http://mmisw.org/ont/cf/parameter/latitude

instead of:

https://mmisw.org/ont/cf/parameter/latitude

Alternatively, the ORR could also detect that there's actually such IRI if only the scheme https is replaced by http -- in fact I remember adding logic for this kind of replacements, so perhaps this is actually a regression.

@graybeal @lewismc FYI

graybeal commented 5 years ago

Thanks Carlos for the comments.

I'm thinking the original work was to make all IRI resolution requests that are http get rewritten (by Apache) to https, and have the system respond only to the https (so that all requests are securely handled. (In other words, both http and https IRIs would work and be responded to securely using https.) At least, that was the approach I was envisioning, and I still think it is the best and simplest long-term approach.

But we may have gone down a different path, so I can't say the best thing to do in this moment. This is an important thing to take care of if we can, and maybe we can create a new task to do the above if that isn't in the current scheme.

carueda commented 5 years ago

The ORR at mmisw.org has been fully functional with https.

(The http-to-https redirection is actually unrelated to the issue here, but something I suggested long ago though so far unimplemented perhaps because of lack of response or "official" approval AFAICR, or simply because everyone forgot about it. Nonong, you are welcome to enable it at any time ;)

fgayanilo commented 5 years ago

Do we need to update the DB contents itself when I get to 'force' redirect all calls to https?

carueda commented 5 years ago

No. This is just about http-to-https redirection. Thanks!

fgayanilo commented 5 years ago

Redirect to https is done

carueda commented 5 years ago

Just tried http://mmisw.org/ont , but gets redirected to https://mmisw.orgont . Seems like a slash is missing in the translation when there's a path in the original request. Thanks.

fgayanilo commented 5 years ago

Ooops! thanks for the catch, done!

carueda commented 3 months ago

Just checked and all re this ticket worked OK, so we surely forgot to close this as fixed... so, closing now.