@anonymous-piwik-user opened this Issue on July 14th 2009

I'm experiencing this issue (http://dwairi.wordpress.com/2009/01/15/open-flash-chart-ie-and-ssl) with piwik 0.4.1.
As indicated in the article, this only surfaces if SSL and IE are used.
Firefox, Safari and Opera are fine.

I attached a picture of the incident.

The URL seen in the picture is:

index.php?module=VisitsSummary&action=getEvolutionGraph&columns[]=nb_visits&idSite=1&period=day&date=2009-06-15,2009-07-14&viewDataTable=generateDataChartEvolution

As suggested in the blog article above, the following statements inserted in apache's config will fix this.

BrowserMatch MSIE HAVE_MSIE
Header set Expires       "Thu, 01 Jan 1970 01:00:00 GMT"        env=HAVE_MSIE
Header set Cache-Control "must-revalidate, cache, public"       env=HAVE_MSIE
Header set Pragma        "public"                               env=HAVE_MSIE

I couldn't pinpoint the culprit file, so I tried applying this to all (which works).

This shouldn't make a difference, but I have mod_rewrite rules in place to ensure SSL is used.

RewriteEngine On
RewriteRule   /piwik\.php|js)    -                        [L]
RewriteRule   (.*)               https://%{SERVER_NAME}$1 [R,L]
@anonymous-piwik-user commented on July 14th 2009
@anonymous-piwik-user commented on July 14th 2009

Attachment: trace from iehttpheaders
vanilla-anon.txt

@robocoder commented on July 14th 2009 Contributor

I can't reproduce this regression of #550 on my dev environment.

What version of php are you using?
Without your Apache config changes, what do the headers from your Piwik installation look like?

@anonymous-piwik-user commented on July 14th 2009

Replying to vipsoft:

I can't reproduce this regression of #550 on my dev environment.

What version of php are you using?

PHP Version 5.1.6

Without your Apache config changes, what do the headers from your Piwik installation look like?

See the attached file - this is a trace of all requests and responses after clicking the login button.

@robocoder commented on July 15th 2009 Contributor

Thanks.

It looks like our header changes aren't being applied in the data-file stream. (Lines 1038-1046 and 1060-1068.)

@robocoder commented on July 15th 2009 Contributor

(In [1306]) refs #869 - fix Flash+IE over HTTPS

@robocoder commented on July 15th 2009 Contributor

fuero: please test the patch.

@anonymous-piwik-user commented on July 15th 2009

Tested with IE 7 and IE 8 on Windows XP, works as expected.

@robocoder commented on July 15th 2009 Contributor

Thanks.

@mattab commented on December 14th 2009 Owner

(In [1702]) Only send the 'https work in IE please' headers when in https mode, so that graphs are cached in non-ssl (better user experience when viewing multiSites dashboard) refs #869

@robocoder commented on December 14th 2009 Contributor

THis appears to be a regression for reverse proxies where the backend server is http, and only the proxy is https.

@robocoder commented on December 14th 2009 Contributor

(In [fixes #869 - Installation - detect presence of a reverse proxy and warn if mismatch with $_SERVER'HTTPS'); add 'reverse_proxy' config setting

This Issue was closed on August 31st 2010
Powered by GitHub Issue Mirror