have read an old issue.

Wildcard SSL certs are more expensive.
Think it is not the best way. Also the solution with different Ports is not good. Could break some RFC standards and there are problem with firewalls also.

A detection of SSL could be usefull and if it is an SSL URL retrieve CSS and JS or images from the SSL base URL.

Comments

vacilando’s picture

vacilando commented
Category: feature » bug

I could not understand why https was breaking the layout of my sites until I realized that indeed the resources provided by subdomains are unsecured.

So for the time being I have to switch off Parallel until this issue is resolved, e.g. by getting the resources from the secure URL rather than from parallel subdomains in case an SSL connection is detected.

I also mark this as a bug rather than a feature request.

bennos’s picture

bennos commented

think it is not a bug.

you can use parallel with a wildcard ssl certificate. This is only a missing feature.

mikeytown2’s picture

mikeytown2 commented
Category: bug » feature
Status: Active » Postponed

If you wish to create a patch that detects if $_SERVER['HTTPS'] is set and act accordingly I will review and accept it. It needs to be an option since wildcard ssl's will work with this module.

ball.in.th’s picture

ball.in.th commented

My regular SSL certificate is valid for both domain.com and www.domain.com. So I use domain.com as the regular site and www.domain.com as the CDN for images. CSS & javascript files can be handled by http://drupal.org/project/css_gzip & http://drupal.org/project/javascript_aggregator . ^^

mikeytown2’s picture

mikeytown2 commented

Here's 1/2 the code

  if($_SERVER['https'] == 1) /* Apache */ { 
     return 'https://';
  } elseif ($_SERVER['https'] == 'on') /* IIS */ { 
     return 'https://'; 
  } elseif ($_SERVER['SERVER_PORT'] == 443) /* others */ { 
     return 'https://'; 
  } else { 
    return 'http://';
  }
allie micka’s picture

allie micka
she/her
commented

I would be a fan of optionally disabling parallel on SSL-enabled pages.

In many cases, authenticated administration pages (AKA the ones that might require SSL in certain configurations) are not the ones that require the performance boost provided by the parallel module. Thus, if it's not cost-effective to register a wildcard certificate, it can be optional for these kinds of sites.

In other configurations, wildcard certs would be the way to go, so it makes sense to set that as an option.

mikeytown2’s picture

mikeytown2 commented

$base_root is the correct way to detect http VS https in Drupal land now that I think about it.

marcus178’s picture

marcus178 commented

subscribing

marcus178’s picture

marcus178 commented

In the instruction it advises to add the url like //cdn1.example.com for http & https. Does that mean if you put in http://cdn1.example.com it would ignore https pages?

mikeytown2’s picture

mikeytown2 commented

@marcus178
no it would load those resources from http and not what your currently on. This would lead to a security popup about loading content from an insecure place while on a secure site.

wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Status: Postponed » Closed (won't fix)

This has been supported by the CDN module for quite some time. As per #933942: Merge Parallel and CDN modules: migration path, the Parallel module will be merged into the CDN module, so if you migrate now, that won't be an issue anymore :)