Gravatars not working for HTTPS sites

Bug #1386532 reported by Aaron Wells on 2014-10-28
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Medium
Aaron Wells
1.10
Medium
Unassigned
1.9
Medium
Unassigned
15.04
Medium
Aaron Wells

Bug Description

The fix for Bug 1378543 was too strict in parsing the response from the gravatar server, and so it can't handle the slightly different response you get when you try to request a gravatar over HTTPS and get a 404 error. (The difference is it starts with "HTTP/1.1" instead of "HTTP/1.0")

Aaron Wells (u-aaronw) wrote :

Hm, we also need to update the help text for turning on avatars, because it still says, "Also, for sites delivered over https, enabling Gravatar profile pictures might trigger security warnings on some browsers. This is due to the fact that Gravatar images are served via normal unencrypted http."

And that's no longer true!

tags: added: usermanualupdate

Reviewed: https://reviews.mahara.org/3871
Committed: http://gitorious.org/mahara/mahara/commit/fb801c6e7a17fa6f5039cc7aa249d74bf0fe961a
Submitter: Aaron Wells (<email address hidden>)
Branch: master

commit fb801c6e7a17fa6f5039cc7aa249d74bf0fe961a
Author: Aaron Wells <email address hidden>
Date: Tue Oct 28 16:05:45 2014 +1300

Fix issues when checking a gravatar exists

Bug 1386532: If checking via HTTP, gravatar returns "HTTP/1.0"
via HTTPS, it returns "HTTP/1.1"

Change-Id: I82a8fce9593007784973a7796cbe9a68a85794b7

Reviewed: https://reviews.mahara.org/3876
Committed: http://gitorious.org/mahara/mahara/commit/1827ef3ae01d111b551d43c8a11c430b697d0d8c
Submitter: Aaron Wells (<email address hidden>)
Branch: 1.10_STABLE

commit 1827ef3ae01d111b551d43c8a11c430b697d0d8c
Author: Aaron Wells <email address hidden>
Date: Tue Oct 28 16:05:45 2014 +1300

Fix issues when checking a gravatar exists

Bug 1386532: If checking via HTTP, gravatar returns "HTTP/1.0"
via HTTPS, it returns "HTTP/1.1"

Change-Id: I82a8fce9593007784973a7796cbe9a68a85794b7

Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/3870
Committed: http://gitorious.org/mahara/mahara/commit/577a9faf7d22b25a947151b8e33d6898b52e0433
Submitter: Aaron Wells (<email address hidden>)
Branch: 1.9_STABLE

commit 577a9faf7d22b25a947151b8e33d6898b52e0433
Author: Aaron Wells <email address hidden>
Date: Tue Oct 28 16:05:45 2014 +1300

Fix issues when checking a gravatar exists

Bug 1386532: If checking via HTTP, gravatar returns "HTTP/1.0"
via HTTPS, it returns "HTTP/1.1"

Change-Id: I82a8fce9593007784973a7796cbe9a68a85794b7

Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/3872
Committed: http://gitorious.org/mahara/mahara/commit/b69161750aae28ad0a9d34b7987ca088de06ef88
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit b69161750aae28ad0a9d34b7987ca088de06ef88
Author: Aaron Wells <email address hidden>
Date: Tue Oct 28 20:28:49 2014 +1300

Updating "Allow remote avatars" help text

Bug 1386532

Change-Id: I7228c9ebb64ed213b4776655d1c948001f77fa91

Mahara Bot (dev-mahara) wrote :

Patch for "1.10_STABLE" branch: https://reviews.mahara.org/3883

Reviewed: https://reviews.mahara.org/3882
Committed: http://gitorious.org/mahara/mahara/commit/14ea78cb65f77001a21d02d6b77411e3e258b92f
Submitter: Robert Lyon (<email address hidden>)
Branch: 1.9_STABLE

commit 14ea78cb65f77001a21d02d6b77411e3e258b92f
Author: Aaron Wells <email address hidden>
Date: Tue Oct 28 20:28:49 2014 +1300

Updating "Allow remote avatars" help text

Bug 1386532

Change-Id: I7228c9ebb64ed213b4776655d1c948001f77fa91

Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/3883
Committed: http://gitorious.org/mahara/mahara/commit/12d5b16e608eb4247c5de1fb6574e8520246f1df
Submitter: Robert Lyon (<email address hidden>)
Branch: 1.10_STABLE

commit 12d5b16e608eb4247c5de1fb6574e8520246f1df
Author: Aaron Wells <email address hidden>
Date: Tue Oct 28 20:28:49 2014 +1300

Updating "Allow remote avatars" help text

Bug 1386532

Change-Id: I7228c9ebb64ed213b4776655d1c948001f77fa91

Robert Lyon (robertl-9) on 2015-04-17
Changed in mahara:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers