Has anyone tested this plugin with 2.7.1?
smu wrote:
Has anyone tested this plugin with 2.7.1?
Good question - I also use this plugin!
Offline
When will be the plugin ready for piwigo 2.7.1?
Thanks a lot!!!
Offline
This is another request for updating this plugin to work with 2.7.1. I used it with 2.6.3 and could make the iPhone app work over https. Cannot with 2.7.1.
Thanks you if you can find the time...
Offline
Hi - I've just installed this in 2.7.2 and it seems to be working. Other than the problem with the iPhone app, are there any known issues I should watch out for?
Thanks!
Offline
Hello,
yesterday I updated to Piwigo 2.7.4. After the update all I had to reactivate all the plugins I used before. Almost everything is working again, but unfortunately I couldn't reactivate "Force HTTPS" plugin.
According to "/www/piwigo/plugins/piwigo-force-https/main.inc.php" most recent version 1.4.0 of Force HTTPS is installed.
When reactivating, I get this error:
Fatal error: Class 'piwigo-force-https_maintain' not found in /hp/bq/ac/io/www/piwigo/admin/include/plugins.class.php on line 96
Something must be wrong in this section of "plugins.class.php"
// 2.7 pattern (OO only)
if (file_exists($file_to_include.'.class.php'))
{
include_once($file_to_include.'.class.php');
return new $classname($plugin_id);
}
According to Notepad++ line numbering, this is line 96 from above section:
return new $classname($plugin_id);
What has to be changed/added in this line?
BTW: I receive same error message when trying to delete "Force HTTPS" from inactive plugins list.
Thanks in advance
FR
Offline
Nothing is wrong with this line
it's just that you installed the plugin in the wrong folder, it must be named "Force_HTTPS" and not "piwigo-force-https"
Offline
Hi mistic100,
thanks for your fast reply.
You are right, I renamed folder "piwigo-force-https" to "Force_HTTPS". Then I was asked to uninstall plugin "piwigo-force-https", which I did and finaly reactivated "Force_HTTPS" :-)
Honestly, I can't remember having changed or renamed installation folder in the past (I just had to do the "deltree" renaming). But anyway it is working again :-))
thanks and kind regards from Germany
FR
Offline
Hi, there's a bit of a discussion going on about 301 and 302 redirects here: http://piwigo.org/forum/viewtopic.php?pid=165137
Short version: it would be really good if this plug-in changed the redirect code from 302 to 301.
The reason is that a 302 redirect is a temporary redirect. It passes no ranking power from backlinks and is really a broken implementation when used for a permanent redirect. Between HTTP 1.0 and 1.1 the 302 status code "Moved Temporarily" was changed to mean "Found."
P.S. Even better if you can find a fix for rel=canonical links. Right now the canonical link does not include the protocol so a search engine visiting the HTTP and HTTPS versions will get a signal that both are canonical.
Offline
Hi gnurob,
There is also this [Forum, topic 26826] [Force HTTPS] questions about code and "login only" feature about this plugin. Unfortunately no answer to it. I'm going to see if bonhommedeneige if OK to transfer the code to Piwigo team, so that we can maintain/improve it :-)
Offline
Hi pig,
That's a great point you make. I'd say the code will continue in good hands if you both agree on the switch. Good luck with it!
Offline
Can anyone help me with this plugin; any way I can deactivate it and restore my site?
I activated it thinking it would just inforce https; but it now won't let me login to the site to do anything
I can't even get to the admin site to deactivate it
Offline
The value of 500 is set too low for Strict-Transport-Security. It should be at least 6 months. See here for example: https://wiki.mozilla.org/Security/Guide … t_Security
Offline
gnurob wrote:
Short version: it would be really good if this plug-in changed the redirect code from 302 to 301.
The reason is that a 302 redirect is a temporary redirect. It passes no ranking power from backlinks and is really a broken implementation when used for a permanent redirect. Between HTTP 1.0 and 1.1 the 302 status code "Moved Temporarily" was changed to mean "Found."
Hi gnurob,
A new version has been released (currently 2.0.1) which now redirects by default using the 301 code (an option is available to switch from 301 to 302 for those who still would like to use temporary redirection.
Arnaud (bonhommedeneige)
Offline
martinw wrote:
The value of 500 is set too low for Strict-Transport-Security. It should be at least 6 months. See here for example: https://wiki.mozilla.org/Security/Guide … t_Security
Fixed (and customizable) in the latest version. Thanks for the notice !
Arnaud (bonhommedeneige)
Offline