[Xerte] Query about Xerte https access

[Jamie Wood]

Hi,

We're running a Xerte project here at Lincoln and have come across a problem with Chrome (and other browsers) running Xerte over https. I've copied over a query from our Centre for Educational Research and Development below about this technical issue. Can anyone help with this and the questions in the paragraphs within the dotted lines below?

------------
The issue seems to be that Chrome has a problem with running Xerte securely over https. It says that although https is turned on on our server, some of the files are non-securely 'leaking' over http. It seems to be especially strict about this, compared to other browsers. If I turn off https altogether and, this is key, remove all cookies and browsing history from Chrome, then it performs perfectly OK over http.

The problem we have is that to use university logins, we need to run it over https, and if the tool is going to be used by 100+ people, this is by far the preferred method of login.

Jamie, please could you write to the mailing list, copying me in, reporting this problem and asking for advice? How are other institutions running it successfully over https? Why is Xerte serving certain files over http, when https is being requested? This seems like a bug and a security issue with Xerte to me.
-------------------


Bests
Jamie


Dr Jamie Wood
Lecturer in History,
School of Humanities,
University of Lincoln,
Brayford Pool,
Lincoln LN6 7TS

Email: jwood at lincoln.ac.uk<mailto:jwood at lincoln.ac.uk>
Tel.: +44(0)1522 837389
Website: http://staff.lincoln.ac.uk/jwood
Twitter: @woodjamie99<https://twitter.com/woodjamie99>