Tiny Tiny RSS: Community

HTTPS warning for images issue

Ubuntu 18.04 php7.3 postgresql 10.8 ttrss v19.2 (e40c8da)


Im using ssl for my site, when i access the preference menu my ssl connection is ok, but when i

start browse

my feeds my browser gives me a warning about attackers might be able to watch the images im

watching , i recently turned on caching of media could that be it maybe? I tried turning it off

but didnt make any difference though, the certificate itself is ok and all just a warning,maybe its the php

running in the background fetching images ? My other sites is using same ssl setup and is working so i

think my ssl/certificate setup for the most is ok. Thanks for having a look!

If your TT-RSS installation is running over SSL/TLS and you load content from feeds that are served from a different site that is not secure then, yes, you will get mixed content warnings.

The solution is:

  1. Cache media; or,
  2. Enable the af_zz_imgproxy plugin.

The first will attempt to download and store the media on your server (which could noticeably increase the amount of storage you need since it caches images, audio and video). When enabled it caches everything at the same time it’s updating the feed, so your server has the media whether you read those articles or not.

The af_zz_imgproxy plugin by default proxies requests through your server so you don’t get mixed content warnings. It only affects articles that you actually read and it does cache the results so subsequent requests will be delivered right from your server instead of having your server fetch it on the Internet again. As the content is not immediately available on your server load times are increased because you have to request the image from your server, which then requests it from the originating server before delivering it to you.

There are pros and cons to both. I cache media for sites where I basically read every article and know I want the media (comic strips are a great example of this). I want the images to load fast, be available regardless of whether the originating site pulls the content, and I know I’m going to read the article so I want to have these images available.

For everything else I use proxy. Because I want a secure connection but don’t need to waste time and resources (both the originating server and mine) downloading everything.

e: Also make sure in config.php that the correct SELF_URL_PATH is defined with https:// at the beginning.

The plugin seemed to do the trick,thanks! I was caching all my feed though to start with and self url was correct set to https aswell,but the plugin fixed my errors :relaxed:

You can also try and change the protocol for the feed URL. A lot of feeds can also be fetched using HTTPS. Unfortunately some of them still have http:// hardcoded as the prefix for all entries so I wrote myself a plugin to fix the URLs if the feed is fetched securely.

Ill check that aswell cheers! I tend to never use plugins for most my stuff but this was usefull,i got many feeds i need to update though so better get going hehe thanks all for help!