I have images not showing up due to getting flagged for “mixed content” violations. When calling out to Iiif, it looks for http://domain/info.json. Then it tries to load the image file via HTTP when it’s an HTTPS server.
Is there a way to force UniversalViewer or Iiif to adjust all http:// url requests to https:// ?
Using Omeka-S 4.0.1
Iiif : 3.6.14
UV: 3.6.7
Are these links out to external IIIF manifests, or to the ones internal to the site generated by those modules (i.e., are the links to your own domain or another one)?
The same domain.
Here’s an example item:
What’s probably happening here is that you’re behind a proxy that’s handling the HTTPS connections. This is increasingly common in universities, it seems. The issue is that the HTTPS part of the connection stops at the proxy and it goes and connects to your Omeka S server, and the result is that Omeka S can’t tell that the user is really connecting with HTTPS.
You have a couple options to fix this:
You could contact whoever’s running the proxy and ask them to send an X-Forwarded-Proto header for HTTPS connections. This lets the proxy inform your server that the actual user connected with HTTPS and that HTTPS links should be used.
If you can’t get that set up, you can use the .htaccess file to make Omeka S always think HTTPS is in use, so it will generate https:// URLs. You’d add this line:
SetEnv HTTPS "on"
Setting HTTPS to on somehow broke all images, because now it’s requesting them on port 80
Ah, sorry. Trying to “trick” the system can cause problems like that.
Here’s a better option: you can just add the header yourself, and that won’t have the port problem you were having.
Instead of the line I suggested before, go with
RequestHeader set X-Forwarded-Proto https