Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-2643

Artifactory is serving mixed content from https/http

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Trivial
    • Resolution: Unresolved
    • Component/s: jenkins.io
    • Labels:
      None
    • Similar Issues:

      Description

      While logging back after all the password expirations, I noticed that my browser (chrome) is reporting the Artifactory home page not be secured.

       

      Seems to be caused by the mixed content due to the Jenkins logo that is specified in the instance, pointing to http://www.jenkins.io/sites/default/files/jenkins_logo.png and not to https://www.jenkins.io/sites/default/files/jenkins_logo.png

       

        Attachments

          Activity

          vlatombe Vincent Latombe created issue -
          danielbeck Daniel Beck made changes -
          Field Original Value New Value
          Component/s jenkins.io [ 23954 ]
          Component/s artifactory [ 18923 ]
          danielbeck Daniel Beck made changes -
          Comment [ Actually a bug on jenkins.io:
          {noformat}
          $ curl -IL https://jenkins.io/sites/default/files/jenkins_logo.png
          HTTP/2 301
          server: nginx/1.17.10
          date: Tue, 16 Jun 2020 11:56:48 GMT
          content-type: text/html
          content-length: 170
          location: http://www.jenkins.io/sites/default/files/jenkins_logo.png

          HTTP/1.1 301 Moved Permanently
          Server: Varnish
          Retry-After: 0
          Location: https://www.jenkins.io/sites/default/files/jenkins_logo.png
          Content-Length: 0
          Accept-Ranges: bytes
          Date: Tue, 16 Jun 2020 11:56:48 GMT
          Via: 1.1 varnish
          Connection: close
          X-Served-By: cache-hhn4035-HHN
          X-Cache: HIT
          X-Cache-Hits: 0
          X-Timer: S1592308609.552677,VS0,VE0
          Strict-Transport-Security: max-age=300

          HTTP/2 200
          server: nginx/1.17.10
          content-type: image/png
          last-modified: Fri, 29 Sep 2017 08:11:58 GMT
          etag: "59ce004e-3397"
          expires: Thu, 04 Jun 2020 23:44:54 GMT
          cache-control: max-age=172800, public
          accept-ranges: bytes
          date: Tue, 16 Jun 2020 11:56:48 GMT
          via: 1.1 varnish
          age: 128411
          x-served-by: cache-hhn4033-HHN
          x-cache: HIT
          x-cache-hits: 1
          x-timer: S1592308609.631532,VS0,VE1
          strict-transport-security: max-age=300
          content-length: 13207 {noformat} ]

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            vlatombe Vincent Latombe
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: