Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.I have a site with CDN module (origin pull mode). This works great most of the time.
However we have recently started to serve pages using https as well, and in these cases we have a problem.
We do not enable CDN for https pages.
The pages correctly don't include assets from the CDN. However the assets that they do include have references to http files from the CDN.
So, the page will include a local CSS file, but this file is generated with links to non CDN images in. Safari doesn't like this.
I would expect the css file that is used to refer to local, and https resources.
it looks like the wrong file is being included on the page this is an example of a css URI
https://www.example.com/sites/mysite/files/css/cdn_css_3X3GZZdT0jIsKmuJvfSoteqCbrqzaZrbh67oN-tQnMk.css
This looks like a regression of #1212184: Create different CSS aggregation files for HTTP and HTTPS
Comments
Comment #1
JeremyFrench CreditAttribution: JeremyFrench commentedTested with 2.6 still not working.
Comment #2
Wim LeersThe CSS aggregates are being generated by the CDN module: good. But, the filename indicates you're on 6.x, not 7.x. Please confirm.
You don't want files to be served via HTTP when the site is being accessed via HTTPS: sensible. This implies that your CDN must support HTTPS. So: have you checked the "CDN supports HTTPS" checkbox at admin admin/settings/cdn/other?
You state "We do not enable CDN for https pages." — how did you do this? I suspect that this is the problem: you disabled the CDN module for HTTPS pages, yet did not check the "CDN supports HTTPS" checkbox. That is the use case that was implemented and solved at #1212184: Create different CSS aggregation files for HTTP and HTTPS.
In your case, CDN module's CSS aggregation is still running, but it will use the same approach as Drupal core would use: generate absolute file URLs, but unfortunately always with the HTTP protocol.
Please try to poke holes in my story — I'm making a whole lot of assumptions to try to help you as far and fast as possible :)
Comment #3
JeremyFrench CreditAttribution: JeremyFrench commentedThanks for quick response.
We are using 7.x for sure, there was a typo in the url which is now fixed.
Our CDN doesn't support https so have not checked "CDN supports HTTPS" box. Am I misunderstanding what this box is for?
In your case, CDN module's CSS aggregation is still running, but it will use the same approach as Drupal core would use: generate absolute file URLs, but unfortunately always with the HTTP protocol.It is generating absolute urls, with http and with the CDN absolute URLS (ie a full url with the CDN domain in).
A note, I think it is the same file being used for http and https just with a different link.
with http:
<link rel="stylesheet" href="http://wac.XXXX.edgecastcdn.net/XXXXX/YYYYY/sites/www/files/cdn/css/http/css_J_-98MtxkcTs4P4ZFerC1d6fUublIq1yIAddliMjSyc.css" />with https:
<link rel="stylesheet" href="https://www.example.com/sites/www/files/cdn/css/http/css_J_-98MtxkcTs4P4ZFerC1d6fUublIq1yIAddliMjSyc.css" />Comment #4
JeremyFrench CreditAttribution: JeremyFrench commentedDuplicate of #2018593: Aggregated CSS files include CDN rewrites on HTTPS pages when HTTPS in disabled
Comment #4.0
JeremyFrench CreditAttribution: JeremyFrench commentedfix typo in URL