Предварительный просмотр не загружается в crafter studio из-за смешанного содержимого HTTP и HTTPS

#crafter-cms

#crafter-cms

Вопрос:

куда мне следует добавить настройки, чтобы изменить схему на HTTPS с HTTP в конфигурациях разработки crafter.

Ошибка в консоли Chrome

 Mixed Content: The page at 'https://example.com/studio/preview/#/?page=/amp;site=test1' 
was loaded over HTTPS, but requested an insecure frame 
'http://example.com/'. This request has been blocked; the 
content must be served over HTTPS.
  

d

Настройки:

server-config.properties

 # Content root folder. The {siteName} variable will be automatically replaced. This is a file URL, even in Windows forward
# slashes (/) should be used, e.g. file:/C:/crafter/data/repos/sites/{siteName}/sandbox
crafter.engine.site.default.rootFolder.path=file:${crafter.data.dir}/repos/sites/{siteName}/sandbox/
# The URL of Crafter Search
crafter.engine.search.server.url=http://localhost:8080/crafter-search
# The URL of Crafter Profile
crafter.profile.rest.client.url.base=http://localhost:8080/crafter-profile
# If the Security Provider is enabled
crafter.security.enabled=true
# The timespan of a single "tick". 60 000 == 1 minute
crafter.core.cache.tick.frequency=1800000
  

studio-config-ovverride.yaml

 ##################################################
##################################################
##       Studio Core Configuration File         ##
##################################################
##################################################

##################################################
##     Location of Override Config File         ##
##################################################
# Load override configuration files (to override what's defined here)
studio.config.overrideConfig: crafter/studio/extension/studio-config-override.yaml

##################################################
##              Content Repository              ##
##################################################
# Absolute path to repository base (all actual repositories will be under this)
studio.repo.basePath: ${sys:crafter.data.dir}/repos
# Global repository path (automatically goes under repo-base-path)
studio.repo.globalRepoPath: global
# Sites repositories base path (automatically goes under repo-base-path)
studio.repo.sitesRepoBasePath: sites
# Sandbox git repository name under every site
studio.repo.siteSandboxPath: sandbox
# Sandbox git repository branch for every site
studio.repo.siteSandboxBranch: master
# Published git repository name under every site
studio.repo.sitePublishedPath: published
# If not using environment-config.xml, environments are configured here
# Git repository branch for the `live` environment, default "live"
studio.repo.published.live: live
# Git repository branch for the `staging` environment, default "staging"
studio.repo.published.staging: staging
# Blueprints folder name under global
studio.repo.blueprintsPath: blueprints
# Bootstrap the repository with fresh content if no repository is detected in the paths specified. Default is true.
studio.repo.bootstrapRepo: true
# Defines size of a batch when rebuilding crafter repository metadata stored in database.
studio.repo.rebuildMetadata.batchSize: 100
# Sandbox repository write commit message
studio.repo.sandbox.write.commitMessage: "User {username} wrote content {path}"
# Published repository commit message
studio.repo.published.commitMessage: "Publish event triggered by {username} on {datetime} via {source}.nnPublish note from user: "{message}"nnCommit ID: {commit_id}nnPackage ID: {package_id}"
# Create new repository commit message
studio.repo.createRepository.commitMessage: "Create new repository."
# Create sandbox branch commit message
studio.repo.createSandboxBranch.commitMessage: "Create {sandbox} branch."
# Initial commit message
studio.repo.initialCommit.commitMessage: "Initial commit."
# Blueprints updated commit message
studio.repo.blueprintsUpdated.commitMessage: "Blueprints updated."
# Create folder commit message
studio.repo.createFolder.commitMessage: "Created folder site: {site} path: {path}"
# Delete content commit message
studio.repo.deleteContent.commitMessage: "Delete file {path}"
# Move content commit message
studio.repo.moveContent.commitMessage: "Moving {fromPath} to {toPath}"
# Copy content commit message
studio.repo.copyContent.commitMessage: "Copying {fromPath} to {toPath}"
# The cron expression used on scheduled cleanup of repositories
studio.repo.cleanup.cron: '0 0 3 ? * SUN'

############################################################
##                   Site Configuration                   ##
############################################################
# Location where global configuration files are stored.
studio.configuration.global.configBasePath: /configuration
# File name where global configuration of user role mappings is stored.
studio.configuration.global.roleMappingFileName: global-role-mappings-config.xml
# File name where global configuration of user permissions mappings is stored.
studio.configuration.global.permissionMappingFileName: global-permission-mappings-config.xml
# UI Resource override path
studio.configuration.global.ui.resource.override.path: crafter/studio/ui
# Studio system site name
studio.configuration.global.systemSite: studio_root
# Root location where configuration for all sites is stored inside repository.
studio.configuration.site.configBasePath: /config/studio
# Location pattern where environment specific configuration for a site is stored
studio.configuration.site.environment.configBasePath: /config/studio/environment
# Location where content types are stored for a site.
studio.configuration.site.contentTypes.configBasePath: /config/studio/content-types
# Location where content types configuration files are stored for a site.
studio.configuration.site.contentTypes.configPath: /config/studio/content-types/{content-type}
# File name where site configuration is stored.
studio.configuration.site.generalConfigFileName: site-config.xml
# File name where configuration of user permissions mappings is stored for a site.
studio.configuration.site.permissionMappingsFileName: permission-mappings-config.xml
# File name where configuration of user role mappings is stored for a site.
studio.configuration.site.roleMappingsFileName: role-mappings-config.xml
# Defines name used for environment specific configuration. It is used for environment overrides in studio. Default value is local.
studio.configuration.site.environment: local
# File name where environment specific configuration is stored
studio.configuration.site.environment.configFileName: environment-config.xml
# File name where configuration of content type is stored.
studio.configuration.site.contentTypes.configFileName: config.xml
# Default user groups when site is created
studio.configuration.site.defaultGroups: Author,Publisher,Developer,Reviewer,Admin
# Default admin group when site is created to add creator as admin
studio.configuration.site.defaultAdminGroup: Admin
# Location where data sources configuration is stored for a site.
studio.configuration.site.dataSources.configBasePath: /config/studio/data-sources
# File name where data sources configuration is stored.
studio.configuration.site.dataSources.configFileName: cmis-config.xml
# Destroy site context url for preview engine
studio.configuration.site.preview.destroy.sontext.url: /api/1/site/context/destroy.json?crafterSite={siteName}
# Location pattern where dependency resolver specific configuration for a site is stored
studio.configuration.site.dependencyResolver.configBasePath: /config/studio/dependency
# File name where dependency specific configuration is stored
studio.configuration.site.dependencyResolver.configFileName: resolver-config.xml
# Repo path to look for the AWS configuration file
studio.configuration.site.aws.configBasePath: /config/studio/aws
# Name of the AWS configuration file
studio.configuration.site.aws.configFileName: aws.xml
# Repo path to read the Box configuration
studio.configuration.site.box.configurationPath: /config/studio/box/box.xml
# Repo path to read the WebDAV configuration
studio.configuration.site.webdav.configurationPath: /config/studio/webdav/webdav.xml
# Regex pattern for item specific dependencies
studio.configuration.dependency.itemSpecificPatterns: /site/components/page/.*,/static-assets/page/.*,/site/components/item/.*,/static-assets/item/.*
# Repo path to the asset processing config
studio.configuration.site.asset.processing.configurationPath: /config/studio/asset-processing/asset-processing-config.xml
# Default preview URL
studio.configuration.site.defaultPreviewUrl: ^https?://localhost(:d*)?/?
# Default authoring URL
studio.configuration.site.defaultAuthoringUrl: ^https?://localhost(:d*)?/studio/?

########################################################
##                   Import Service                   ##
########################################################
# Defines content processor workflow assignee for import process.
studio.import.assignee: admin
# Defines content processor chain name used for processing xml content.
studio.import.xmlChainName: importContent
# Defines content processor chain name used for processing assets.
studio.import.assetChainName: assetContent

##############################################################
##                   Notification Service                   ##
##############################################################
# Path where the notification configuration is located
studio.notification.configurationFile: /config/studio/workflow/notification-config.xml
# Timezone for the email template engine (which determines how FreeMarker interprets `now` etc.)
studio.notification.timezone: UTC

##########################################################
##                   Workflow Service                   ##
##########################################################
# Turn on/off (value true/false) publishing without dependencies.
# When turned on workflow service does not perform check if deployment package includes all necessary dependencies for content that is being published.
studio.workflow.publishingWithoutDependencies.enabled: false

##########################################################
##                   Activity Service                   ##
##########################################################
studio.activity.user.name.caseSensitive: false

##############################################################
##                   Dependencies Service                   ##
##############################################################
# Defines paths that will be excluded from dependency rules. Common usage is for files that are not site content themselves, but are system or files packaged with engine.
# Valid values are regular expressions and for multiple regular expressions, they are separated by comma (,).
studio.dependencies.ignoreDependenciesRules: /templates/system/common/cstudio-support.*\.ftl,/templates/web/navigation/.*\.ftl
# Turn on (value true) or off (value false) manual approving for dependencies when publishing content.
# When turned on, dependencies service does not perform check if deployment package includes all necessary dependencies for content that is being published.
studio.dependencies.manualDependencyApproving.enabled: false

##############################################################
##                   Object State Service                   ##
##############################################################
# Defines size of a batch when executing object state operation on big path packages (bulk operations). Limitation on bulk operations is imposed by jdbc drivers and limits on number of parameters for sql statements.
studio.objectState.bulkOperationsBatchSize: 500

##########################################################
##                   Security Service                   ##
##########################################################
# HTTP Session timeout for studio (value is in minutes).
studio.security.sessionTimeout: 60
# Urls to be treated as exception to the rules.
studio.security.ignoreRenewTokenUrls: /api/1/services/api/1/security/validate-session.json,/api/1/services/api/1/publish/status.json
# Public URLs
studio.security.publicUrls: /api/1/services/api/1/server/get-available-languages.json, /api/1/services/api/1/server/get-ui-resource-override.json, /api/1/services/api/1/monitor/status.json
# Defines security provider for accessing repository. Possible values:
# db (users are stored in database)
# ldap (users are imported from LDAP into the database)
studio.security.type: headers
studio.authentication.headers.logout.enabled: true
studio.authentication.headers.logout.url: /saml/logout?ReturnTo={baseUrl}

# Salt for encrypting
studio.security.cipher.salt: {{ craftercms_authoring_cipher_salt }}
# Key for encrypting
studio.security.cipher.key: {{ craftercms_authoring_cipher_key }}
# Cipher type
studio.security.cipher.type: AES
# Cipher algorithm
studio.security.cipher.algorithm: AES/CBC/PKCS5Padding
# Forgot password email subject
studio.security.forgotPassword.message.subject: Forgot Password
# Forgot password email template
studio.security.forgotPassword.email.template: /templates/system/email/forgotPassword.ftl
# Forgot password token time-out period in minutes
studio.security.forgotPassword.token.timeout: 60
# Reset password service url
studio.security.resetPassword.serviceUrl: "#/reset-password"
# LDAP Server url
studio.security.ldap.serverUrl: ldap://localhost:389
# LDAP bind DN (user)
studio.security.ldap.bindDN: cn=Manager,dc=my-domain,dc=com
# LDAP bind password
studio.security.ldap.bindPassword: secret
# LDAP base context (directory root)
studio.security.ldap.baseContext: dc=my-domain,dc=com
# LDAP username attribute
studio.security.ldap.userAttribute.username: uid
# LDAP first name attribute
studio.security.ldap.userAttribute.firstName: cn
# LDAP last name attribute
studio.security.ldap.userAttribute.lastName: sn
# LDAP email attribute
studio.security.ldap.userAttribute.email: mail
# LDAP site ID attribute
studio.security.ldap.userAttribute.siteId: crafterSite
# LDAP site ID attribute name regex
studio.security.ldap.userAttribute.siteId.regex: .*
# LDAP site ID attribute match index
studio.security.ldap.userAttribute.siteId.matchIndex: 0
# LDAP group name match index for the site ID attribute
studio.security.ldap.userAttribute.siteId.groupName.matchIndex: 1
# LDAP groups attribute
studio.security.ldap.userAttribute.groupName: crafterGroup
# LDAP groups attribute name regex
studio.security.ldap.userAttribute.groupName.regex: .*
# LDAP groups attribute match index
studio.security.ldap.userAttribute.groupName.matchIndex: 0
# LDAP default site if site ID attribute not found
studio.security.ldap.defaultSiteId: default
# Global admin group
studio.security.global.adminGroup: crafter-admin

# Studio authentication chain configuration
studio.authentication.chain:
  # Authentication provider type
  - provider: HEADERS
    # Authentication via headers enabled
    enabled: true
    # Authentication header for secure key
    secureKeyHeader: secure_key
    # Authentication headers secure key that is expected to match secure key value from headers
    # Typically this is placed in the header by the authentication agent, e.g. Apache mod_mellon
    secureKeyHeaderValue: secure
    # Authentication header for username
    usernameHeader: username
    # Authentication header for first name
    firstNameHeader: firstname
    # Authentication header for last name
    lastNameHeader: lastname
    # Authentication header for email
    emailHeader: email
    # Authentication header for groups: comma separated list of sites and groups
    #   Example:
    #   site_author,site_xyz_developer
    groupsHeader: groups
    # Enable/disable logout for headers authenticated users (SSO)
    logoutEnabled: true
    # If logout is enabled for headers authenticated users (SSO), set the endpoint of the SP or IdP logout, which should
    # be called after local logout. The {baseUrl} macro is provided so that the browser is redirected back to Studio
    # after logout (https://STUDIO_SERVER:STUDIO_PORT/studio)
    logoutUrl: /saml/logout?ReturnTo={baseUrl}

###############################################################
##               Page Navigation Order Service               ##
###############################################################
# Defines base increment for page navigation order when new content is created.
studio.pageNavigationOrder.increment: 1000

############################################################
##                   Content Processors                   ##
############################################################
# Location where groovy script for content lifecycle processor is stored.
studio.contentProcessor.contentLifeCycle.scriptLocation: /config/studio/content-types/{content-type}/controller.groovy
# Path pattern where system assets are stored.
studio.contentProcessor.assetsSystemPath: /static-assets/system

#######################################################
##                   Email Service                   ##
#######################################################
# Default value for from header when sending emails.
studio.mail.from.default: {{ craftercms_authoring_email_from_header }}
# SMTP server name to send emails.
studio.mail.host: {{ craftercms_authoring_email_host }}
# SMTP port number to send emails.
studio.mail.port: 25
# SMTP username for authenticated access when sending emails.
studio.mail.username: {{ craftercms_authoring_email_username }}
# SMTP password for authenticated access when sending emails.
studio.mail.password: {{ craftercms_authoring_email_password }}
# Turn on/off (value true/false) SMTP authenaticated access protocol.
studio.mail.smtp.auth: true
# Enable/disable (value true/false) SMTP TLS protocol when sending emails.
studio.mail.smtp.starttls.enable: true
# Enable/disable (value true/false) SMTP EHLO protocol when sending emails.
studio.mail.smtp.ehlo: false
# Enable/disable (value true/false) debug mode for email service. Enabling debug mode allows tracking/debugging communication between email service and SMTP server.
studio.mail.debug: false

#####################################################
##                   Studio Jobs                   ##
#####################################################
# Defines chunk size for big deployment packages. Deployment package is divide and processed in chunks of specified size.
studio.job.deployContentToEnvironment.processingChunkSize: 1000
# Turn on/off (value true/false) check if mandatory dependencies of deployed content are included in deployment package.
studio.job.deployContentToEnvironment.mandatoryDependenciesCheckEnabled: true
# Publishing default status message
studio.job.deployContentToEnvironment.status.message.default: "idle|Idle"
# Publishing idle status message
studio.job.deployContentToEnvironment.status.message.idle: "idle|Last successful publish was for package:
{package_id} on {datetime} with {package_size} items"
# Publishing busy status message
studio.job.deployContentToEnvironment.status.message.busy: "busy|Currently publishing item: {item_path} on {datetime}"
# Publishing publishing status message
studio.job.deployContentToEnvironment.status.message.publishing: "publishing|Currently publishing package: {package_id} on {datetime}"
# Publishing queued status message
studio.job.deployContentToEnvironment.status.message.queued: "queued|Items queued for publishing"
# Publishing stopped by error status message
studio.job.deployContentToEnvironment.status.message.stopped.error: "stopped|Stopped while trying to publish item: {item_path} on {datetime}"
# Publishing stopped by user status message
studio.job.deployContentToEnvironment.status.message.stopped.user: "stopped|User {username} disabled publishing for
site on {datetime}"
# Publishing stopped by user status message
studio.job.deployContentToEnvironment.status.message.started.user: "started|User {username} enabled publishing for
site on {datetime}"
# Defines master publishing node in clustered environment. Value false disables publishing (even in non-clustered environment).
studio.job.deployment.masterPublishingNode: true

######################################################################
##                   Content Type Filter Patterns                   ##
######################################################################
# Define dashboard filter pattern for pages. Value is regular expression executed against content path.
studio.contentTypes.filter.pages.includePattern: ^/page/.*
# Define dashboard filter pattern for components. Value is regular expression executed against content path.
studio.contentTypes.filter.components.includePattern: ^/component/.*
# Define dashboard filter pattern for documents. Value is regular expression executed against content path.
studio.contentTypes.filter.documents.includePattern: ^/document/.*

############################################################
##                    Preview Deployer                    ##
############################################################
# Default preview deployer URL (can be overridden per site)
studio.preview.defaultPreviewDeployerUrl: http://localhost:9191/api/1/target/deploy/preview/{siteName}
# Default preview create target URL (can be overridden per site)
studio.preview.createTargetUrl: http://localhost:9191/api/1/target/create
# Default preview create target URL (can be overridden per site)
studio.preview.deleteTargetUrl: http://localhost:9191/api/1/target/delete/{siteEnv}/{siteName}
# URL to the preview repository (aka Sandbox) where authors save work-in-progress
studio.preview.repoUrl: ${sys:crafter.data.dir}/repos/sites/{siteName}/sandbox
# URL to the preview Crafter Engine
studio.preview.engineUrl: http://localhost:8080
# Name of template to use with the deployer for preview
studio.preview.templateName: local
# Replace existing configuration if one exists?
studio.preview.replace: true
# Disable deploy cron job for preview target
studio.preview.disableDeployCron: true

############################################################
##                   Preview Search                       ##
############################################################
studio.preview.search.createUrl: http://localhost:8080/crafter-search/api/2/admin/index/create
studio.preview.search.deleteUrl: http://localhost:8080/crafter-search/api/2/admin/index/delete/{siteName}

############################################################
##                   Publishing Manager                   ##
############################################################
# Defines file name for index files (page containers). Default value is index.xml
studio.publishingManager.indexFile: index.xml
# Turn on/off (value true/false) publishing without dependencies.
# When turned on, deployment engine does not check for missing mandatory dependencies of published content.
studio.publishingManager.publishingWithoutDependencies.enabled: false

##################################################
##                   Database                   ##
##################################################
# Embedded database configuration
# JDBC driver and Java class used for accessing crafter database
studio.db.driver: org.mariadb.jdbc.Driver
# Username used for authentication to access crafter database.
studio.db.username: crafter
# Password used for authentication to access crafter database.
studio.db.password: crafter
# Connection string used when connecting database with JDBC driver
# Format:
# jdbc:DATABASE_PLATFORM;databaseName=DATABASE_NAME;create=true;user=DATABASE_USERNAME;password=DATABASE_USER_PASSWORD
# Note that a relative path is not suitable for a production deployment
studio.db.url: jdbc:mariadb://127.0.0.1:33306/crafter?user=crafteramp;password=crafter
# Defines initial number of database connections in database connection pool
studio.db.pool.initialConnections: 10
# Defines maximum number of active database connections in database connection pool
studio.db.pool.maxActiveConnections: 100
# Defines maximum number of idle database connections to retain in database connection pool.
studio.db.pool.maxIdleConnections: 30
# Defines minimum number of idle database connections to retain in database connection pool.
studio.db.pool.minIdleConnections: 10
# Defines maximum waiting time for a database connection to become available (value is in milliseconds).
studio.db.pool.maxWaitTime: 10000
# Turn database initializer on (value true) or off (value false).
# When initializer is turned off, system will not try to initialize database on startup.
# When system is starting for the first time initializer must be turned on.
# When database already exists, initializer can be turned off for faster startup. If database is deleted or dropped
# for any reason, initializer needs to be turned on.
studio.db.initializer.enabled: true
# Connection string used to initialize database
studio.db.initializer.url: jdbc:mariadb://127.0.0.1:33306?user=rootamp;password=
# Configure database SQL script location
studio.db.initializer.configureDbscriptLocation: crafter/studio/database/configureDB.sql
# Create database SQL script location
studio.db.initializer.createDbscriptLocation: crafter/studio/database/createDDL.sql
# Upgrade database SQL script location
studio.db.initializer.upgradeDbScriptLocation: crafter/studio/database/upgrade-{version}.sql
# Enable random admin password generation
studio.db.initializer.randomAdminPassword.enabled: false
# Random admin password length
studio.db.initializer.randomAdminPassword.length: 16
# Random admin password allowed chars
studio.db.initializer.randomAdminPassword.chars: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^amp;*_= -/
# Test database connections retrieved from the pool before being used (value true).
# If value is set to false database connection will not be tested before being used.
studio.db.testOnBorrow: true
# The SQL query to validate the connection for database
studio.db.validationQuery: SELECT 1
# Defines the amount of time, in seconds, that connection validation will wait for a response from the database when executing a validation query.
# Use a value less than or equal to 0 for no timeout.
studio.db.validationInterval: 34000
# Base folder for the embedded database
studio.db.basePath: ${sys:crafter.bin.dir}/dbms
# Data folder for the embedded database
studio.db.dataPath: ${sys:crafter.data.dir}/db
# Port number for the embedded database (note this must match what's in the connection URLs in this config file)
studio.db.port: 33306
# Socket path for the embedded database
studio.db.socket: ${sys:java.io.tmpdir}/MariaDB4j.33306.sock

##########################################################
##                   Asset Processing                   ##
##########################################################
# The global Tinify API key used for image processing (empty by default)
studio.configuration.asset.processing.tinify.apiKey:

################################################################
##                             CORS                           ##
################################################################
# This is configured as permissive by default for ease of deployment
# Remember to tighten this up for production

# Disable CORS headers completely
studio.cors.disable: false
# Value for the Access-Control-Allow-Origin header
studio.cors.origins: '*'
# Value for the Access-Control-Allow-Headers header
studio.cors.headers: '*'
# Value for the Access-Control-Allow-Methods header
studio.cors.methods: '*'
# Value for the Access-Control-Allow-Credentials header
studio.cors.credentials: true
# Value for the Access-Control-Max-Age header
studio.cors.maxage: -1
,
  

Я попытался изменить их на https , но это не помогло.

Обновление версии Crafter CMS является 3.1.0

Комментарии:

1. Какую версию Crafter CMS вы используете?

2. Можете ли вы также предоставить общий доступ к файлу конфигурации переопределения среды? (если вы используете более старую версию, это ключевой файл, который поможет в этой ситуации)

3. Версия @sumerz — 3.1.0, и содержимое конфигурационных файлов, о котором идет речь, обновлено

Ответ №1:

Проверьте свой environment-config.xml и убедитесь, что вы не смешиваете http и https в одной среде разработки.

     <preview-server-url>http://localhost:8080</preview-server-url>
    <preview-engine-server-url>http://localhost:8080</preview-engine-server-url>
    <graphql-server-url>http://localhost:8080</graphql-server-url>
    <authoring-server-url>http://localhost:8080/studio</authoring-server-url>
  

Одна вещь, которую следует рассмотреть, — это перейти на Crafter CMS 3.1.9 , который имеет встроенный прокси, заменяющий механизм настройки среды чем-то лучшим.

Вы можете прочитать больше о прокси здесь: https://docs.craftercms.org/en/3.1/site-administrators/studio/proxy-configuration.html

Crafter CMS 3.1.9 должна быть выпущена 2020.08.24, и вы можете сразу получить версию для тестирования, создав support/3.1.x ветку с GitHub: https://github.com/craftercms/craftercms.

Комментарии:

1. дата релиза откладывается @sumerz ?

2. 3.1.9 отсутствует, возьмите его здесь: craftercms.org/downloads