Bug 15416

Summary: map is not displayed
Product: Websites Reporter: james Whitby <jim>
Component: mirrors.mageia.orgAssignee: Sysadmin Team <sysadmin-bugs>
Status: NEW --- QA Contact:
Severity: major    
Priority: Normal CC: contact, davidwhodgins, sysadmin-bugs
Version: trunk   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://mirrors.mageia.org/report
Whiteboard:
Source RPM: CVE:
Status comment:

Description james Whitby 2015-03-03 16:01:45 CET 
Description of problem:

Mirrors map willl not display the map. All other info is displayed.

Connect to 
https://mirrors.mageia.org/report

waited 2 minutes.

Reproducible: 

Steps to Reproduce:
Comment 1 Bit Twister 2015-03-03 16:42:23 CET 
I'll confirm the problem does exists.
Comment 2 Dave Hodgins 2015-03-03 20:45:29 CET 
This is an unusual one. It works in opera 12.16, konqueror 4.12.5, but not in firefox 31.5.0 ESR,
chromium-browser Version 40.0.2214.111 Mageia.Org 4 (64-bit) or google-chrome
Version 41.0.2272.76 (64-bit).

In iceape, it generates a warning that "Insecure information on this page was blocked" If unblock is selected the map is displayed with a warning that a third
party could read any info.

In firefox, http://mirrors.mageia.org/report does work, so it appears that
when an https url is used, all of the http links on the page are being blocked,
with no warning. I'll post a message to the atelier-discuss mailing list, to
see what they think, about the best way to fix this.

CC: (none) => davidwhodgins

Comment 3 james Whitby 2015-03-03 21:18:06 CET 
https is the default from the main page ( mirrors.mageia.org ).

I viewed the source and found this:

<p id="menu">
<span><a href="https://mirrors.mageia.org/">Mirror list</a></span>
<span><a href="https://mirrors.mageia.org/distrib">Distribution list</a></span>
<span><a href="https://mirrors.mageia.org/report">Mirrors map</a></span>
<span><a href="https://mirrors.mageia.org/new">register a mirror url</a></span>
</p>

Forcing http will in fact show the map.
Comment 4 james Whitby 2015-03-13 16:01:26 CET 
I have done some more checking in the viewable source code. 

It appears the pages are dynamicaly created, as the only differences I see are http vs https with info re: all mirror sites.

I *suspect* the anomoly is that the call to google maps is not changed to https on the secure page. Everything else is ( that I can find ).

The line number is 4068 and the code is:
<script type="text/javascript"
    src="http://maps.google.com/maps/api/js?sensor=false">
</script>

in both the secure and non-secure pages. 

I have no idea how these pages are created. Having said that, I suspect if the secure page used "https://maps.google.com/maps/api/js?sensor=false", that would remove the anomoly.
Comment 5 Daniel Tartavel 2019-05-02 15:03:13 CEST 
Hi,

 is it not more appropriate to change for openstreetmap ?

CC: (none) => contact

Comment 6 james Whitby 2020-05-27 07:52:05 CEST 
This bug still exists on Firefox.