The bug that Lee Carroll described at http://mail-archives.apache.org/mod_mbox/lenya-user/200506.mbox/%3C005e01c57b6c$a9f6b7d0$0202a8c0@BEDE%3E still exists in Lenya 1.2.4 and the 1.2.X branch. For Lenya sites using SSL, IE gives a mixed security warning ("This page contains both secure and nonsecure items") when one accesses the site tab. As a work-around, users can disable this warning in IE (Tools > Internet Options > Security > Custom Level > Display mixed content). But the real bug appears to be in how the javascript code (lenya/resources/javascript/navtree.js) generates URL's to gif's. Lee's work-around of hard-coding the scheme and host in the definition of IMAGE_PATH in line 53 of lenya/xslt/info/root.xsl is effective, but we need to replace that hard-coded scheme and host with an <xsl:value-of SOMETHING>. What is that SOMETHING? Alternatively, we could change how navtree.js uses IMAGE_PATH so that the scheme and host are included when the javascript runs. The original line in root.xsl is: IMAGE_PATH = "<xsl:value-of select="$contextprefix"/>/lenya/images/tree/";
The scheme and host you have to prepend are defined in publication.xconf, right? Maybe the ProxyUrlModule could be extended to get these parameters. They could then be passed from the sitemap to the xsl which assigns the image path. Would this solve the problem?
is anyone currently using an SSL proxy and can reproduce this patch with the current trunk?
This isn't an issue for 1.4 from the site tab. It is an issue from the live tab in 1.4.