LogViewer does not work on HTTPS as it does not switch to Secure WebSocket (WSS)

unic / neba

Lightning fast and simple content mapping for Apache Sling and Adobe AEM

https://neba.io

Apache License 2.0

55 stars 14 forks source link

LogViewer does not work on HTTPS as it does not switch to Secure WebSocket (WSS) #215

Closed acrane13 closed 7 years ago

acrane13 commented 7 years ago

We have a requirement to support only secure connections to our AEM instance. As such we have AEM running on https. However when we go to the NEBA log viewer page the browser gives us an error that we can't load a non-secure web socket from a secure page.

Is it possible to have the log viewer page test for a secure connection and initiate a secured web socket if the page was loaded via https?

olaf-otto commented 7 years ago

Hi @acrane13

Thanks for reporting this! Actually, this should already be the case. the script.js of the log viewer opens the websocket like so:

var socket = new WebSocket((window.location.protocol === "https" ? "wss" : "ws") + "://" + window.location.host + "/system/console/logviewer/tail"); Perhaps there is a bug there? Could you check what window.location.protocol is set to in your case?

Thanks and regards, Olaf

olaf-otto commented 7 years ago

I think I found the issue: window.location.protocol inc,udes the ':' of the procotol spec. Thus this comparison is always false. I'll update the ticket title and treat this as a bug for the next minor release.

olaf-otto commented 7 years ago

Implemented, done!