Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

If Overlay fails on HTTPS SSL websites, automatically fallback to HTTP #4700

Closed
mattab opened this issue Feb 17, 2014 · 4 comments
Closed

If Overlay fails on HTTPS SSL websites, automatically fallback to HTTP #4700

mattab opened this issue Feb 17, 2014 · 4 comments
Labels
duplicate For issues that already existed in our issue tracker and were reported previously. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Milestone

Comments

@mattab
Copy link
Member

mattab commented Feb 17, 2014

Follow up from #4001

Regarding the Overlay report:

In case the Overlay report website does not load over HTTPS, could we default to HTTP for overlay report?

Overlay opens in a new window, so we could:

  • open that new window over HTTP if we know the website is not https
  • redirect from https to http if the overlay didn't load over https

Challenges:

  • Test if this would work at all
  • deal with the auth cookie set which is set with "secure" flag right now.
  • Only do this when Piwik is not loaded over https
@mattab mattab added this to the 2.x - The Great Piwik 2.x Backlog milestone Jul 8, 2014
@gruberro
Copy link

+1

1 similar comment
@dazorni
Copy link

dazorni commented Jul 25, 2014

+1

@mattab mattab added Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. and removed Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change. labels Oct 11, 2014
@CanuckNick
Copy link

+1
We're running into this same issue right now. We use force_ssl in our Piwik configuration but most of our 200 web sites do not support SSL. This is a very cool feature that would be nice to have working but I understand the technical hurdles. I would be fine with switching to regular HTTP when applicable for the Overlay report.

I'm not sure if this would work, but could you possibly pass the users auth token to the HTTP instance to allow the report to run and to avoid issues with the secure cookie? That's just off the top of my head, I haven't done any research on potential issues.

@mattab
Copy link
Member Author

mattab commented Feb 19, 2015

in #7067 this issue was described as a "Hack" so I will close it as "wontfix" and we can discuss a proper solution in #7067 - please comment there to be notified of updates

@mattab mattab closed this as completed Feb 19, 2015
@mattab mattab added the duplicate For issues that already existed in our issue tracker and were reported previously. label Feb 19, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
duplicate For issues that already existed in our issue tracker and were reported previously. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Projects
None yet
Development

No branches or pull requests

4 participants