All Apps and Add-ons

Why is basic HTML formatting not visible when using Splunk App for Jenkins on Chrome?

New Member

All-in-one Splunk Enterprise 6.4.3 on RHEL 6. Installed Splunk App for Jenkins 1.0.1. No Jenkins master connections yet.

When viewed with the Chrome (53.x) browser, all the pages of the SA for Jenkins app the entire page looks like basic text with links and a few images. This includes the standard Splunk menu of (pardon my text representation)
splunk> User v Messages v Settings v Activity v Help v

If I go back to the main Splunk home, then the buttons and colors are present so the problem is only in the SA for Jenkins App.

Apparently there is a warning in the Chrome address bar that the stylesheet is loading scripts from non-https sources. (I have Splunk as an https site.)

Here is a message when I follow the messages in Chrome

Mixed Content: The page at 'https://splunk.mydomain.com/en-US/app/splunk_app_jenkins/overview' was loaded over HTTPS, but requested an insecure stylesheet 'http://splunk.mydomain.com/en-US/static/js/contrib/select2-3.4.6/select2.css'. This content should also be served over HTTPS.

If I do allow mixed content by clicking on the warning in Chrome, then the SA for Jenkins shows with colors and visuals.

In the IE 11 browser, I see the SA for Jenkins with colors and visuals from the start.

Can the SA for Jenkins honor the https access to get its content?

Note: I don't have https all the way through to the Splunk server. I terminate https at a load balancer and then pass http to the Splunk server. No other apps cause this mixed-content warning.

0 Karma

Splunk Employee
Splunk Employee

the page source has <link rel="stylesheet" type="text/css" media="all" href="../../../static/js/contrib/select2-3.4.6/select2.css" /> it is hard to believe that caused mix content warning. I guess it maybe related to Chrome cache, can you try it in "Incognito Window" which will not reuse previous cache.
By the way, I had tried on Apache reverse proxy but can not reproduce it.
In ssl.conf

ProxyPass         /  http://xx:8000/ nocanon
ProxyPassReverse  /  http://xx:8000/

ProxyRequests     Off
AllowEncodedSlashes NoDecode

<Proxy http://xx:8000/*>;
  Order deny,allow
  Allow from all
</Proxy>
0 Karma

New Member

Thanks for your review. I tried it in an incognito window without change.

I am sure that the mixed-content warning is due to load balancer terminating SSL and then non-SSL to Splunk. However works fine including for other Splunk apps and doesn't cause the significant effects.

I presume I will need to use SSL from load balancer to Splunkweb and I hope this will go away. I know that is a good practice.

0 Karma