<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body>
    <p>Hi Tomasz,</p>
    <p><br>
    </p>
    <p>I have just been checking RFC 6265 which is about the HTTP State
      Management System (i.e. Cookies).&nbsp; Point 6 of section 5.3 (see
      link below) makes clear that if the domain attribute is not set
      then it is assumed to be the same as the current request:<br>
    </p>
    <p><br>
    </p>
    <p><a class="moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Frfc%2Frfc6265%23section-5.3&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=gkvirEgiMQXHK7BJ%2BY5QxvSd8km7Mt24%2BK5QxPIuVOc%3D&amp;reserved=0" originalSrc="https://www.rfc-editor.org/rfc/rfc6265#section-5.3" shash="hSc7kJ+lDf12SylR4RSByXJAjCWOJb4CC+CcxUIPi0wVKVYUyk/B9tAJsuj4gOXewtsnqFS7O+4AUElHp8ts3HNJ3AaqM25dNSNL2BXJ6szJdknU9PRdBpdcaXJqed2GYUkK1QzZWVLhY4TV4ZaqWFu6+IesqXcu6lv2j04C6Wg=">https://www.rfc-editor.org/rfc/rfc6265#section-5.3</a></p>
    <p><br>
    </p>
    <p>Therefore, I cannot see any scenario where the domain not being
      set would create a security or functional problem, as there should
      be no need to share EPrints cookie data between domains, (e.g.
      multiple web sites at an institution).&nbsp; The only two cookies that
      EPrints deploys by default are for maintaing a logged in user's
      session and another for the language they have chosen if the
      repository is multi-language.&nbsp; Neither of these should need to be
      shared with other sites.&nbsp; Even if they did, the effective setting
      for domain in the cookie with be the same whether $c-&gt;{host} is
      defined or not.&nbsp; So the repository system administrator would have
      had to manually change the $c-&gt;{cookie_domain} setting to
      something other than the hostname of the repository, at which
      point the value for $c-&gt;{host} becomes inconsequential as it
      will no longer be playing a role in setting $c-&gt;{cookie_domain}.<br>
    </p>
    <p><br>
    </p>
    <p>This does not mean that the commit I made last night is
      inappropriate, just that functionally it will make no difference.&nbsp;
      However, at some point in the future it may concern someone (like
      it did us, yesterday) that the value for $c-&gt;{cookie_domain} is
      not being set because $c-&gt;{host} is undefined (if a repository
      has been configured for HTTPS only).&nbsp; So fixing this now will
      avoid concern further down the line.</p>
    <p><br>
      Regards</p>
    <p><br>
    </p>
    <p>David Newmam<br>
    </p>
    <p><br>
    </p>
    <div class="moz-cite-prefix">On 07/01/2022 00:47, David R Newman
      wrote:<br>
    </div>
    <blockquote type="cite" cite="mid:c93df0ec-2b9f-4337-e31d-f648c8b303dd@ecs.soton.ac.uk">
      
      <p>Hi Tomasz,</p>
      <p><br>
      </p>
      <p>Thanks for doing that review.&nbsp; Point 2 (cookie_domain) is
        important to fix, although it does not appear to break anything
        from a user perspective, setting the domain on cookies is
        important.&nbsp; I have fixed this with the latest commit:</p>
      <p><br>
      </p>
      <p><a class="moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fcommit%2Fbde3347551e0424fbbc166e52c9179b6e17b6704%23diff-5d51fb282bd5d973fb2de0a82e36cdfb465b9e69b2782c9c923f8a24aeaaad97&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=329vQo1J%2FMi62RdI3511TbxIWYTRaUeI0dgFTfRsVx0%3D&amp;reserved=0" originalSrc="https://github.com/eprints/eprints3.4/commit/bde3347551e0424fbbc166e52c9179b6e17b6704#diff-5d51fb282bd5d973fb2de0a82e36cdfb465b9e69b2782c9c923f8a24aeaaad97" shash="Y7p3tWSuUbyeXoMh2lzwXI1qfwqf16u0BwOiiMdJbWmSkPNoj6pa29WBx1clf7W+MFLwXMhr2tYs4PoW+kCTI9IXQ/yWtva9xinF4hh6LI8KQBFTsFf3JWeocdOMzocAAe73Ns0BlpWD2G0s2I80YxUELGTLvZhWGioI+ylRTtA=" moz-do-not-send="true">https://github.com/eprints/eprints3.4/commit/bde3347551e0424fbbc166e52c9179b6e17b6704#diff-5d51fb282bd5d973fb2de0a82e36cdfb465b9e69b2782c9c923f8a24aeaaad97</a><br>
      </p>
      <p><br>
      </p>
      <p>I have added a GitHub&nbsp; issue for the DataCiteDOI plugin:</p>
      <p><br>
      </p>
      <p><a class="moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprintsug%2FDataCiteDoi%2Fissues%2F52&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=B1qaRSzMe2l7uIPjFAzwmgF9qfXK5wr%2BcRPJQtJSLCU%3D&amp;reserved=0" originalSrc="https://github.com/eprintsug/DataCiteDoi/issues/52" shash="leVIO3PeB0Ra5ENSO+K2h2J+zZPdBTM7wpWKavDVeczVYOQjJazo2em+6XnnU9WSCXB4AWzKbBxio73ksS+NKugu38yoAiDzMacn2G3K/QdyR5XcANFzBG2I2p5v+lBjPs1bnz5Pm9TbDvI+CHDP7XwJAgf7Zno+3k8bk3+4o5w=" moz-do-not-send="true">https://github.com/eprintsug/DataCiteDoi/issues/52</a></p>
      <p><br>
      </p>
      <p>The IRStats2 issue is less of a problem, as the code is
        commented out by default, so if a someone uncomments this, they
        should spot this is not working and be able to deal with that
        issue immediately.&nbsp; Rather than not noticing this has broken
        after changing their configuration to enable HTTPS only.&nbsp; Like
        would be the case the the other two instances.<br>
      </p>
      <p><br>
      </p>
      <p>Thanks and regards</p>
      <p><br>
      </p>
      <p>David Newman</p>
      <p><br>
      </p>
      <div class="moz-cite-prefix">On 06/01/2022 22:49, Tomasz
        Neugebauer wrote:<br>
      </div>
      <blockquote type="cite" cite="mid:YQXPR01MB2407EA1F1BAC4F5E6F2C6AC08B4C9@YQXPR01MB2407.CANPRD01.PROD.OUTLOOK.COM">
        
        <style type="text/css" style="display:none;">P {margin-top:0;margin-bottom:0;}</style>
        <div style="padding-bottom: 10px; padding-top: 5px;">
          <div style="padding:12px; border:1px solid #8D3970;
            background-color:#F7F9FA; color:#8D3970; font-size:14px;
            line-height:22px; font-family: Calibri, Arial, Helvetica,
            sans-serif;"> <strong>CAUTION:</strong> This e-mail
            originated outside the University of Southampton. </div>
        </div>
        <div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> I did
            some grep on our configuration files, and found the
            following instances:</div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
          </div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
            <ol>
              <li><span>DataCite DOI Minting</span></li>
            </ol>
          </div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
          </div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbazaar.eprints.org%2F304%2F1%2Fepm%2FDataCiteDoi%2Fcfg%2Fcfg.d%2Fz_datacitedoi.pl&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=yXqxKszqf97gYEeCxjtQtbEue7Bk0rlsTcFgOfRqZ00%3D&amp;reserved=0" originalSrc="https://bazaar.eprints.org/304/1/epm/DataCiteDoi/cfg/cfg.d/z_datacitedoi.pl" shash="EugNtgqgwt6DmmqRCdHERop6L5C+UsJxL4i0DUuVJMGvN8O2ESolU34KsZdBMfUy1GwYaioCxlJNBrARw8kxsxjz6BP6qAMz42O34n4QMq4blFqkAxmmzvlEcEpPaeJR9bfxG4aIAIUVwSn73OUlg4y3lC5Wek3FHnOUEV9RxpE=" originalsrc="https://bazaar.eprints.org/304/1/epm/DataCiteDoi/cfg/cfg.d/z_datacitedoi.pl" shash="Rh9CTNhC5mDM5Nu6WoYGzD7Kb+hsAHw9eQqldHKow08nmgMhN8Tf+Sb0IBN4GzVfdbqcg7Jbuy3kMugARuXvXXTy8aFmwPqIJ+XsJNIXusXHFxtgsDAdk9FpthOLk9djgdjrN8ndIxlQuSMpjTcrQdIgbO95UtoSntMMI0lJKdQ=" style="margin:0px;background-color:rgb(255, 255, 255)" moz-do-not-send="true">https://bazaar.eprints.org/304/1/epm/DataCiteDoi/cfg/cfg.d/z_datacitedoi.pl</a></div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <span style="color: rgb(0, 0, 0); font-family: Calibri, Arial,
              Helvetica, sans-serif; font-size: 12pt;">$c-&gt;{datacitedoi}{repoid}
              = $c-&gt;{host};</span></div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <span style="color: rgb(0, 0, 0); font-family: Calibri, Arial,
              Helvetica, sans-serif; font-size: 12pt;"><br>
            </span></div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> DataCite
            DOI minting, from the Bazaar, but in configuration file, so
            simply overwrote with &quot;$c-&gt;{securehost}&quot; in our local
            cfg/cfg.d/z_datacitedoi.pl</div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
          </div>
          <ol start="2">
            <li style="font-family: Calibri, Arial, Helvetica,
              sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> Core
              lib/cfg.d/misc.pl</li>
          </ol>
          <div><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fblob%2Fmaster%2Flib%2Fcfg.d%2Fmisc.pl&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=IgfC1Mw0x2zWtqUe4MoqRje12TcKQElDGCTOli9Bvg4%3D&amp;reserved=0" originalSrc="https://github.com/eprints/eprints3.4/blob/master/lib/cfg.d/misc.pl" shash="MbjdYKRdwse2tXP9CxF5mkmwDkTK2YZFqLkjjgK7fQY8cNvKmfuRWLpVuw3idcqmaR+dITCSDnUJiMgQmrhO4uXrt+PxZQQqVDgsadM9eqKQ3Gr65e1hZENsWcXW/7EA2Ryg5dM/1TRMNpa8EXIuMlkSbyjzIX0sYHTMQiQPjB0=" originalsrc="https://github.com/eprints/eprints3.4/blob/master/lib/cfg.d/misc.pl" shash="VHCSjmDOv8rA/PCEzE8mwe66YxD7Y3wHyrKZ2SFiz1nCaPdybvoxb10/gDBb0Fso4p1XlrYNkK+oAn9KTic6LKFC4PS5lGxPdDwkb8Vznh65/MOAPAVl9nnViVHgFa75fI2LvsdPXGUIe0vNxhGwV9bHlKplwUNyrH44SZHYnqQ=" id="LPNoLPOWALinkPreview" moz-do-not-send="true">https://github.com/eprints/eprints3.4/blob/master/lib/cfg.d/misc.pl</a><br>
          </div>
          <div><span data-contrast="auto" class="TextRun SCXO58643483
              BCX0" style="margin:0px;user-select:text;font-variant-ligatures:none
!important;color:windowtext;text-align:left;background-color:rgb(255,
              255, 255);font-size:11pt;font-family:Calibri,
              Calibri_MSFontService, sans-serif;line-height:18px" lang="EN-US"><span class="NormalTextRun SCXO58643483 BCX0" style="margin:0px;user-select:text">$c-&gt;{</span><span class="SpellingError SCXO58643483 BCX0" style="margin:0px;user-select:text;background-repeat:repeat-x;background-position:leftbottom;background-image:url(&quot;data:image/gif;base64,R0lGODlhBQAEAJECAP////8AAAAAAAAAACH5BAEAAAIALAAAAAAFAAQAAAIIlGAXCCHrTCgAOw==&quot;:base64,R0lGODlhBQAEAJECAP////8AAAAAAAAAACH5BAEAAAIALAAAAAAFAAQAAAIIlGAXCCHrTCgAOw==&quot;);border-bottom:1px
                solid transparent">cookie_domain</span><span class="NormalTextRun SCXO58643483 BCX0" style="margin:0px;user-select:text">} = $c-&gt;{host};</span></span><span class="EOP SCXO58643483 BCX0" style="margin:0px;user-select:text;color:windowtext;text-align:left;background-color:rgb(255,
              255,
              255);font-size:11pt;line-height:18px;font-family:Calibri,
              Calibri_MSFontService, sans-serif">&nbsp;</span><br>
          </div>
          <div><span class="EOP SCXO58643483 BCX0" style="margin:0px;user-select:text;color:windowtext;text-align:left;background-color:rgb(255,
              255,
              255);font-size:11pt;line-height:18px;font-family:Calibri,
              Calibri_MSFontService, sans-serif"><br>
            </span></div>
          <div><span class="EOP SCXO58643483 BCX0" style="margin:0px;user-select:text;color:windowtext;text-align:left;background-color:rgb(255,
              255,
              255);font-size:11pt;line-height:18px;font-family:Calibri,
              Calibri_MSFontService, sans-serif">Not sure what to do
              with this one?&nbsp; Should I change that or do something about
              it, given that {host} is now undefined?</span></div>
          <div><span class="EOP SCXO58643483 BCX0" style="margin:0px;user-select:text;color:windowtext;text-align:left;background-color:rgb(255,
              255,
              255);font-size:11pt;line-height:18px;font-family:Calibri,
              Calibri_MSFontService, sans-serif"><br>
            </span></div>
          <ol start="3">
            <li><span class="EOP SCXO58643483 BCX0" style="margin:0px;user-select:text;color:windowtext;text-align:left;background-color:rgb(255,
                255,
                255);font-size:11pt;line-height:18px;font-family:Calibri,
                Calibri_MSFontService, sans-serif"></span>IRStats2&nbsp;</li>
          </ol>
          <div>Processor Referrer<br>
          </div>
          <div><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Firstats2%2Fblob%2Fmaster%2Flib%2Fplugins%2FEPrints%2FPlugin%2FStats%2FProcessor%2FAccess%2FReferrer.pm%23L24&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=XTs8go4fLyeQVD1XHpwkZ5%2BZJt3F2x76vwxhjEPw5nA%3D&amp;reserved=0" originalSrc="https://github.com/eprints/irstats2/blob/master/lib/plugins/EPrints/Plugin/Stats/Processor/Access/Referrer.pm#L24" shash="dKHTECCiqM6zePi7R6rLHs2r7NonHpB0ekeHaU+ZNxhiONv7dWqGNQL3Rgsb4s2Ocd4eJ4DSFgChJQlhEUPw73Prm1arJWC2pe2ssOlm5ekZRb2HcT5z+2CAzOI2IPrIYl2rNsZtwVaf1Awqo5YBqZlPtFajyvQWhTgRE8v35+A=" originalsrc="https://github.com/eprints/irstats2/blob/master/lib/plugins/EPrints/Plugin/Stats/Processor/Access/Referrer.pm#L24" shash="UAZYsKWANyXLn2njYnHlL+aNIv5cLEnh70daXJ+/vik/99xHGt4L+pHwatKeKTtIn9xZwcTJOyagIkR9j11YqBmE3b6YC6nF72ufKY5EptXX75vwVPD7pQWKbvond5X2Ut48p1S4GsW5mdS8IG1WEh+uR3T3GeN0RZ0mUZGEPfw=" id="LPNoLPOWALinkPreview_2" moz-do-not-send="true">https://github.com/eprints/irstats2/blob/master/lib/plugins/EPrints/Plugin/Stats/Processor/Access/Referrer.pm#L24</a><br>
          </div>
          <div>$self-&gt;{host} = $self-&gt;{session}-&gt;config( &quot;host&quot;
            );<br>
          </div>
          <div><br>
          </div>
          <div><span style="font-family:Calibri, Arial, Helvetica,
              sans-serif;background-color:rgb(255, 255,
              255);display:inline !important">Not sure if this would no
              longer work now that &quot;host&quot; is undef?</span><br>
          </div>
          <div><br>
          </div>
          <div>Also, not an issue on our repo, but config file on
            irstats2 has this (optional code, commented out by default
            and on our repo):</div>
          <div><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Firstats2%2Fblob%2Fmaster%2Fcfg%2Fcfg.d%2Fz_irstats2.pl&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=5oTE%2B0JbXOJO6HCkWereFGjNtQX%2BKsXiN6IRw81Rk7k%3D&amp;reserved=0" originalSrc="https://github.com/eprints/irstats2/blob/master/cfg/cfg.d/z_irstats2.pl" shash="MVkvcYHUc7jZouSQb1DompUO2YpnrWG9cUMTFpW+S2+ZcgL01NmS9XLi8LcAT+63iRACn43KIzqSRofRblrnaOhKTJOeftYbijtDHJE8gSqztlRaEeqZh5kDRVIGWNrV/CCLQcdclJKviCAPWWuX25GribHB9fZ2tN8FfQmwpjA=" originalsrc="https://github.com/eprints/irstats2/blob/master/cfg/cfg.d/z_irstats2.pl" shash="szVCLMaQbzRFewxQH2wUQos/1Dv81q1t+yyiIDnyD/5delU4VcCsCU1bvwoTRqxxbxKoA72x+UNF2oCnXco8JXdQP/VyDGQ7quKOduthJ3kJw7hAhE4XfvcPQ1OKAQmsl2xmzjHQISV0PGc5KOGsmtdGZ3mGmNyC6SgJMW58aXc=" id="LPlnkOWALinkPreview_1" moz-do-not-send="true">https://github.com/eprints/irstats2/blob/master/cfg/cfg.d/z_irstats2.pl</a></div>
          <div><span data-contrast="auto" class="TextRun SCXO200029000
              BCX0" style="margin:0px;user-select:text;font-variant-ligatures:none
!important;color:windowtext;text-align:left;background-color:rgb(255,
              255, 255);font-size:11pt;font-family:Calibri,
              Calibri_MSFontService, sans-serif;line-height:18px" lang="EN-US"><span class="NormalTextRun SCXO200029000
                BCX0" style="margin:0px;user-select:text">my $hostname =
                $session-&gt;config( 'host' ) or return 0;</span></span><span class="EOP SCXO200029000 BCX0" style="margin:0px;user-select:text;color:windowtext;text-align:left;background-color:rgb(255,
              255,
              255);font-size:11pt;line-height:18px;font-family:Calibri,
              Calibri_MSFontService, sans-serif">&nbsp;</span></div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
          </div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> Tomasz</div>
          <div style="font-family: Calibri, Arial, Helvetica,
            sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
          </div>
          <div>
            <div style="font-family: Calibri, Arial, Helvetica,
              sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
            </div>
            <div id="Signature">
              <div>
                <div name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif;
                  font-size:; margin:0">
                  <div style="font-family:Tahoma; font-size:13px">
                    <p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;
                      font-size:11pt; font-family:Calibri,sans-serif;
                      color:rgb(33,33,33); background:white"> <span style="font-size:8pt; font-family:&quot;Courier
                        New&quot;; color:rgb(166,166,166)" lang="FR-CA">________________________________________________</span></p>
                    <p class="MsoNormal" style="margin:0cm 0cm 12pt
                      17.85pt; font-size:11pt;
                      font-family:Calibri,sans-serif;
                      color:rgb(33,33,33); background:white"> <span style="font-size:9pt;
                        font-family:Arial,sans-serif; color:black" lang="FR-CA">Tomasz Neugebauer<span style=""><br>
                        </span><span style="background-color:rgb(255,255,255);
                          display:inline!important">Senior Librarian |
                          Bibliothécaire titulaire </span><span style="margin:0px;
                          background-color:rgb(255,255,255)"><br>
                        </span>Digital Projects &amp; Systems
                        Development Librarian / Bibliothécaire des
                        Projets Numériques &amp; Développement de
                        Systèmes<br>
                        Concordia University / Université Concordia</span></p>
                    <p class="MsoNormal" style="margin:0cm 0cm 12pt
                      17.85pt; font-size:11pt;
                      font-family:Calibri,sans-serif;
                      color:rgb(33,33,33); background:white"> <span style="font-size:9pt;
                        font-family:Arial,sans-serif; color:black" lang="FR-CA">Tel. / Tél. 514-848-2424 ext. /
                        poste 7738<br>
                        Email / courriel:&nbsp;</span><a tabindex="0" href="mailto:tomasz.neugebauer@concordia.ca" target="_blank" moz-do-not-send="true"><span style="font-size:9pt;
                          font-family:Arial,sans-serif; color:blue" lang="FR-CA">tomasz.neugebauer@concordia.ca</span></a><span style="font-size:9pt;
                        font-family:Arial,sans-serif; color:black"></span></p>
                    <p class="MsoNormal" style="margin:0cm 0cm 12pt
                      17.85pt; font-size:11pt;
                      font-family:Calibri,sans-serif;
                      color:rgb(33,33,33); background:white"> <span style="font-size:9pt;
                        font-family:Arial,sans-serif; color:black" lang="FR-CA">Mailing address / adresse
                        postale:&nbsp;1455 De Maisonneuve Blvd.
                        W.,&nbsp;LB-540-03, Montreal, Quebec H3G 1M8<br>
                        Street address / adresse municipale: 1400&nbsp;De
                        Maisonneuve Blvd. W.,&nbsp;LB-540-03, Montreal,
                        Quebec H3G 1M8</span></p>
                    <p class="MsoNormal" style="margin:0cm 0cm 12pt
                      17.85pt; font-size:11pt;
                      font-family:Calibri,sans-serif;
                      color:rgb(33,33,33); background:white"> <span class="MsoHyperlink" style="color:rgb(5,99,193);
                        text-decoration:underline"><span style="font-size:9pt;
                          font-family:Arial,sans-serif; color:purple" lang="IT">library.concordia.ca</span></span></p>
                  </div>
                </div>
              </div>
            </div>
          </div>
          <hr style="display:inline-block;width:98%" tabindex="-1">
          <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b>
              Tomasz Neugebauer <a class="moz-txt-link-rfc2396E" href="mailto:Tomasz.Neugebauer@concordia.ca" moz-do-not-send="true">&lt;Tomasz.Neugebauer@concordia.ca&gt;</a><br>
              <b>Sent:</b> Thursday, January 6, 2022 3:34 PM<br>
              <b>To:</b> David R Newman <a class="moz-txt-link-rfc2396E" href="mailto:drn@ecs.soton.ac.uk" moz-do-not-send="true">&lt;drn@ecs.soton.ac.uk&gt;</a>;
              <a class="moz-txt-link-abbreviated moz-txt-link-freetext" href="mailto:eprints-tech@ecs.soton.ac.uk" moz-do-not-send="true">eprints-tech@ecs.soton.ac.uk</a>
              <a class="moz-txt-link-rfc2396E" href="mailto:eprints-tech@ecs.soton.ac.uk" moz-do-not-send="true">&lt;eprints-tech@ecs.soton.ac.uk&gt;</a><br>
              <b>Subject:</b> Re: [EP-tech] mixed-content warnings</font>
            <div>&nbsp;</div>
          </div>
          <style type="text/css" style="display:none">p
        {margin-top:0;
        margin-bottom:0}</style>
          <div dir="ltr">
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> Hi David,</div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <br>
            </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> Thank you for the
              detailed explanation and all of your work on this.</div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> I did not know if
              unsetting {host} variable is the recommended way going
              forward, hence I hesitated, but g<span style="color:rgb(0,0,0);
                font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt">iven that our repository is HTTPS-only
                with HSTS , running on 3.4.3, unsetting the {host} to
                undefined seems like the best way forward.&nbsp; I will do
                that that.&nbsp; As I wrote, I did notice that this solves
                the issue on the testing server, it's just that I didn't
                know if that is a setting that is &quot;supported&quot;.&nbsp; These
                wiki help pages have the {host} set in the examples:</span></div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <span style="color:rgb(0,0,0);
                font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt"><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FHow_to_use_EPrints_with_HTTPS&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=bsHcHuz55BIYrwHq0fSBMgF2CGpuFOcydwSezWzM1yE%3D&amp;reserved=0" originalSrc="https://wiki.eprints.org/w/How_to_use_EPrints_with_HTTPS" shash="WwIloO+qjEH2Gtop+jDm1rW7BqeTcNJEMcaao2cDfI73wyHHi79cSRR8NxT6vaNIdKrs5lfW6jDRfY7e5+54vjq4hDLWKl4kd0LI+lMNAIvlD4TroxScpYPWKEN5xi3daedpb75q2FTVdILhS3apL5ImTpKAZh14m+dUbGiDfVY=" originalsrc="https://wiki.eprints.org/w/How_to_use_EPrints_with_HTTPS" shash="NfedFAWJpRzZanwMrbEueIRfEdGq6qrEjKEKisGzRYz44C9N7HOWBEMB8k5BV67B+JiQ7MJJyHwcBRsRDVTIhXAWJzaNjy60MOjxg8JwIX00bcW6l7cHOmC3psa4zA/QEd1fJ0sr1h1TYnwdGV9fMQ1Rn/rbGOo91RsOWpr3sjc=" id="LPNoLPOWALinkPreview_1" moz-do-not-send="true">https://wiki.eprints.org/w/How_to_use_EPrints_with_HTTPS</a><br>
              </span></div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FHTTPS-only_and_HSTS&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=rIk34pI15CjOJT5WZpx%2FHpCNRX6rEoaH%2BHoOWGIEw8A%3D&amp;reserved=0" originalSrc="https://wiki.eprints.org/w/HTTPS-only_and_HSTS" shash="EI39R1bV+3tbOdayXIeSwN0AcKNDnKmdy2N/69/LvLTxaKQzPy13M7bfRh/7Pk+KJTKSwmDBvCnT66C/AJQv19wHJgs5m2F3F0yIV17fZ60zqVBZlFU59gxfrsxY1BdFGFLR+e+BNnc95Sqlkso54IKJ6YBA1YPWWsX1i39k3a4=" originalsrc="https://wiki.eprints.org/w/HTTPS-only_and_HSTS" shash="KF2jnnJW4okg0/LY6itDL4GAHi+rkN2pbS1rXlSJ6wH2P/kjkD86S5zLlmKUef/ZTuYfkY/+D80GH4o0qwMoRp0M+k6g7aUiQA7Tz6tgj1kyChQQvUXi4ffG9pDheIT5zRqMY9mtgFwAojIO8rEm/1MCiaDG7rfR02ePog8tTUo=" id="LPNoLPOWALinkPreview_2" moz-do-not-send="true">https://wiki.eprints.org/w/HTTPS-only_and_HSTS</a><br>
            </div>
            <div class="x__Entity x__EType_OWALinkPreview
              x__EId_OWALinkPreview_2 x__EReadonly_1"> </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> and I was also unaware
              of this page:</div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FSimplified_HTTPS_Configuration&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=X4RnNOoOFpAH1vicL8v8x51Bakwtbj0kF6KWxv9wbXg%3D&amp;reserved=0" originalSrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration" shash="hGkeg7Fv1I+Y+2czNow9VZrCpScEv+iw5VJd6oQH8bThiCO+yyNXxDUDTVz2E6PhariAfcD3VqOgSng6iLfdfRhRk8U/Pexyg92s13jYHVFzhY6CVKGEF+0esZiP8d+phqeTGTghhsV1OOBhOJJydIqRAsx/2tjvWs/GadZmucA=" originalsrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration" shash="hN+0xe7pXC9Cby+nn6cwbOl8ovx5imAR//Xyp3QbPwtOi6KL9hwL/7Eh0G6SGJTYC5O/6CP+NWp5Ewl78i6NKDHuyo5EmNzljwGqd8YXU9dPVgb9/dQLdSMPPjmYPXfUqfTJGhaN+Lw1VlEnQiaJi2v5xhdaOYpDzkQVm0d88Jc=" id="LPNoLPOWALinkPreview" moz-do-not-send="true">https://wiki.eprints.org/w/Simplified_HTTPS_Configuration</a><br>
            </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> Let's add a link to the
              &quot;Simplified HTTPS Configuration&quot; page from some of these
              others?<br>
              <br>
            </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> I did track down the
              same line that you referenced (<span style="font-size:14px; color:rgb(0,0,0)">perl_lib/EPrints/URL.pm)
                while troubleshooting, so it is reassuring that I was on
                the right track: </span><span style="color:rgb(0,0,0);
                font-size:14px">if ( EPrints::Utils::is_set(
                $session-&gt;config( &quot;securehost&quot; ) ) &amp;&amp; (
                $opts{scheme} eq &quot;https&quot; || !EPrints::Utils::is_set(
                $session-&gt;config( &quot;host&quot; ) )&quot;</span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px"><br>
              </span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px">I
                will search through our configuration files to make sure
                that &quot;host&quot; variable isn't used for something without a
                fallback, but I think that I will not find that.&nbsp; I was
                more worried about breaking something in the core by
                unsetting that {host} variable, so your message was very
                helpful.</span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px"><br>
              </span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px">Best
                wishes,</span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px"><br>
              </span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px">Tomasz</span></div>
            <div style="color:rgb(0,0,0)"><span style="font-size:14px"><br>
              </span>
              <p style="font-size:14px;
                background-color:rgb(255,255,255); margin-top:0px;
                margin-bottom:0px"> <br>
              </p>
            </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <br>
            </div>
            <div class="x__Entity x__EType_OWALinkPreview
              x__EId_OWALinkPreview x__EReadonly_1"> </div>
            <br>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <br>
            </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <span style="color:rgb(0,0,0);
                font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt"><br>
              </span></div>
            <div>
              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt; color:rgb(0,0,0)"> <br>
              </div>
              <div id="x_Signature">
                <div>
                  <div name="x_divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:; margin:0">
                    <div style="font-family:Tahoma; font-size:13px">
                      <p class="x_MsoNormal" style="margin:0cm 0cm
                        0.0001pt; font-size:11pt;
                        font-family:Calibri,sans-serif;
                        color:rgb(33,33,33); background:white"> <span style="font-size:8pt;
                          font-family:&quot;Courier New&quot;;
                          color:rgb(166,166,166)" lang="FR-CA">________________________________________________</span></p>
                      <p class="x_MsoNormal" style="margin:0cm 0cm 12pt
                        17.85pt; font-size:11pt;
                        font-family:Calibri,sans-serif;
                        color:rgb(33,33,33); background:white"> <span style="font-size:9pt;
                          font-family:Arial,sans-serif; color:black" lang="FR-CA">Tomasz Neugebauer<span style=""><br>
                          </span><span style="background-color:rgb(255,255,255);
                            display:inline!important">Senior Librarian |
                            Bibliothécaire titulaire </span><span style="margin:0px;
                            background-color:rgb(255,255,255)"><br>
                          </span>Digital Projects &amp; Systems
                          Development Librarian / Bibliothécaire des
                          Projets Numériques &amp; Développement de
                          Systèmes<br>
                          Concordia University / Université Concordia</span></p>
                      <p class="x_MsoNormal" style="margin:0cm 0cm 12pt
                        17.85pt; font-size:11pt;
                        font-family:Calibri,sans-serif;
                        color:rgb(33,33,33); background:white"> <span style="font-size:9pt;
                          font-family:Arial,sans-serif; color:black" lang="FR-CA">Tel. / Tél. 514-848-2424 ext. /
                          poste 7738<br>
                          Email / courriel:&nbsp;</span><a tabindex="0" href="mailto:tomasz.neugebauer@concordia.ca" target="_blank" moz-do-not-send="true"><span style="font-size:9pt;
                            font-family:Arial,sans-serif; color:blue" lang="FR-CA">tomasz.neugebauer@concordia.ca</span></a><span style="font-size:9pt;
                          font-family:Arial,sans-serif; color:black"></span></p>
                      <p class="x_MsoNormal" style="margin:0cm 0cm 12pt
                        17.85pt; font-size:11pt;
                        font-family:Calibri,sans-serif;
                        color:rgb(33,33,33); background:white"> <span style="font-size:9pt;
                          font-family:Arial,sans-serif; color:black" lang="FR-CA">Mailing address / adresse
                          postale:&nbsp;1455 De Maisonneuve Blvd.
                          W.,&nbsp;LB-540-03, Montreal, Quebec H3G 1M8<br>
                          Street address / adresse municipale: 1400&nbsp;De
                          Maisonneuve Blvd. W.,&nbsp;LB-540-03, Montreal,
                          Quebec H3G 1M8</span></p>
                      <p class="x_MsoNormal" style="margin:0cm 0cm 12pt
                        17.85pt; font-size:11pt;
                        font-family:Calibri,sans-serif;
                        color:rgb(33,33,33); background:white"> <span class="x_MsoHyperlink" style="color:rgb(5,99,193);
                          text-decoration:underline"><span style="font-size:9pt;
                            font-family:Arial,sans-serif; color:purple" lang="IT">library.concordia.ca</span></span></p>
                    </div>
                  </div>
                </div>
              </div>
            </div>
            <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
              font-size:12pt; color:rgb(0,0,0)"> <br>
            </div>
            <hr tabindex="-1" style="display:inline-block; width:98%">
            <div id="x_divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> David R Newman <a class="moz-txt-link-rfc2396E" href="mailto:drn@ecs.soton.ac.uk" moz-do-not-send="true">&lt;drn@ecs.soton.ac.uk&gt;</a><br>
                <b>Sent:</b> Thursday, December 23, 2021 8:00 PM<br>
                <b>To:</b> <a class="moz-txt-link-abbreviated
                  moz-txt-link-freetext" href="mailto:eprints-tech@ecs.soton.ac.uk" moz-do-not-send="true">eprints-tech@ecs.soton.ac.uk</a>
                <a class="moz-txt-link-rfc2396E" href="mailto:eprints-tech@ecs.soton.ac.uk" moz-do-not-send="true">&lt;eprints-tech@ecs.soton.ac.uk&gt;</a>;
                Tomasz Neugebauer <a class="moz-txt-link-rfc2396E" href="mailto:Tomasz.Neugebauer@concordia.ca" moz-do-not-send="true">&lt;Tomasz.Neugebauer@concordia.ca&gt;</a><br>
                <b>Subject:</b> Re: [EP-tech] mixed-content warnings</font>
              <div>&nbsp;</div>
            </div>
            <div>
              <p style="margin-top:0px; margin-bottom:0px"><span style="font-weight:bold; color:rgb(156,0,0)">Attention</span>
                This email originates from outside the concordia.ca
                domain. // Ce courriel provient de l'exterieur du
                domaine de concordia.ca</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <div><br>
              </div>
              <p style="margin-top:0px; margin-bottom:0px">Hi Tomasz,</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">Mixed content
                warnings is something, I have been trying to improve in
                recent version of EPrints, so new installs should not
                suffer these problems.&nbsp;&nbsp; However, upgrades will still be
                problematic.&nbsp; This is because old templates, citations,
                workflows and even CSS and Javascript files may have
                http URLs in them.&nbsp; This means you really need to go
                through all these files and seek out http URLs.</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">The main
                problem I have found is the use http_url or http_cgiurl
                in templates citations and even workflows.&nbsp; These should
                ideally use rel_path and rel_cgipath instead but as this
                does not give your the full URL it might be better to
                use base_url and perl_url instead.&nbsp; However, to make
                sure that these are https not http, you will need to
                make sure you have either no or an up to date version of
                20_baseurls.pl in your archive's cfg/cfg.d/ (assuming
                you are running 3.4.1+, which it sounds like you are).&nbsp;
                This is because of a change made for 3.4.1 to ensure
                that base_url and perl_url get configured as https if
                $c-&gt;{securehost} is defined.<br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">It is worth
                grepping across all of your archive's cfg directory for
                the string &quot;http:&quot; to route out any hardcoded http URLs.</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">One of the
                things I did in recent versions of EPrints is provide a
                way of reconfiguring 10_core.pl to better/more intuitive
                enable HTTPS everywhere [1].&nbsp; This ensures all http URL
                requests are redirected to https without needing to have
                picked up the HSTS header, which require visiting an
                https URL at least once (and therefore does not work for
                stateless bots).&nbsp; If you deploy HTTPS everywhere, as
                well as running generate_apacheconf and reloading the
                webserver, you will need to make sure all browse views
                and abstract pages are regenerated.&nbsp; <br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">As you
                comment in your email below, you are worried about
                unsetting $c-&gt;{host} as it may break things.&nbsp; I am
                aware of one issue with this in 3.4.3 core code [2].&nbsp;
                However, this is a fairly straightforward fix and is
                only a problem if your have multiple languages enabled
                for your repository.&nbsp; If you use the Repository Links
                Bazaar plugin [3], that will also require a similar
                fix.&nbsp; I think there may be one or two other Bazaar
                plugins that use $c-&gt;{host} but I cannot remember
                what they are off the top of my head.<br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
                If you look at perl_lib/EPrints/URL.pm line 129 [4] you
                should see the line:</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">if (
                EPrints::Utils::is_set( $session-&gt;config(
                &quot;securehost&quot; ) ) &amp;&amp; ( $opts{scheme} eq &quot;https&quot;
                || !EPrints::Utils::is_set( $session-&gt;config( &quot;host&quot;
                ) ) <br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">If you have
                HTTPS everywhere configuration enabled this should
                ensure HTTPS URLs are always used for things like the
                thumbnail URLs you describe having a problem with.&nbsp;
                However, if you are not using HTTPS everywhere
                configuration you will still get http URLs for
                thumbnails and similar.&nbsp; I would therefore recommending
                enabling this and I will see if I can track down the
                Bazaar plugins that may be affected by $c-&gt;{host}
                being undefined.</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">The problem
                with EPrints is it has gone through various iterations
                of HTTP/HTTPS use:</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">1. No HTTPS <br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">2. HTTP for
                public pages and HTTPS for back-end admin pages.</p>
              <p style="margin-top:0px; margin-bottom:0px">3. HTTPS for
                all pages</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">This means as
                the code has evolved over time how to configure the
                appropriate URLs in various situation has got
                progressively more complicated, as way of supporting
                these different approaches for HTTPS have been
                incorporated into ePrints over the year.&nbsp; I go in to a
                bit of detail about this in the EPrints 3.4.3 release
                page [5].&nbsp; I still don't think this is perfect, as there
                is the potential requirements in Bazaar plugins or
                bespoke archive code/configuration that require
                $c-&gt;{host} to be defined.&nbsp; However, after a lot of
                consideration, the changes I made for 3.4.3 tried to
                make the best compromise between fixing the mixed
                content warnings, simplifying URLs config variables and
                their use and not seriously breaking existing
                repositories when they are upgraded.<br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">Regards</p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">David Newman<br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">[1] <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FSimplified_HTTPS_Configuration&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=X4RnNOoOFpAH1vicL8v8x51Bakwtbj0kF6KWxv9wbXg%3D&amp;reserved=0" originalSrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration" shash="hGkeg7Fv1I+Y+2czNow9VZrCpScEv+iw5VJd6oQH8bThiCO+yyNXxDUDTVz2E6PhariAfcD3VqOgSng6iLfdfRhRk8U/Pexyg92s13jYHVFzhY6CVKGEF+0esZiP8d+phqeTGTghhsV1OOBhOJJydIqRAsx/2tjvWs/GadZmucA=" originalsrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration" shash="hN+0xe7pXC9Cby+nn6cwbOl8ovx5imAR//Xyp3QbPwtOi6KL9hwL/7Eh0G6SGJTYC5O/6CP+NWp5Ewl78i6NKDHuyo5EmNzljwGqd8YXU9dPVgb9/dQLdSMPPjmYPXfUqfTJGhaN+Lw1VlEnQiaJi2v5xhdaOYpDzkQVm0d88Jc=" moz-do-not-send="true">
https://wiki.eprints.org/w/Simplified_HTTPS_Configuration</a></p>
              <p style="margin-top:0px; margin-bottom:0px">[2] <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fissues%2F118&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=uAm6%2BEjzKCPxud4VUtE0wvPvjZJKDWfxtuUQTINjy8Y%3D&amp;reserved=0" originalSrc="https://github.com/eprints/eprints3.4/issues/118" shash="G1E5UNoOJWZGHXTOce1uXnXOp6FLSyPcVXuaFooVdAlO4KFxatelAKQS5DnTfN+wsDbUoNISRsBGlPbDTtS3AgvX85+wVJ3wq6UWwpCOHrHlE9cGUQtblOQsHMbJyNPyEGxjtWdIuwgWkCS2PL8D37PtRquZx3StUvm/UZJBw9w=" originalsrc="https://github.com/eprints/eprints3.4/issues/118" shash="saqdOYwaAnyQSufhtkrsbptvb1xvUeFPqcZr/r8rLkcd4nLTTDeoc5BV3Qs9673Q6n1Hd+ECZZQxJkOUKcyqwzhjKF1r3we7HzCe8dYpq4+knYBF+x+QwUBokH5KKBS/oIjWal0TkOoIF9mHbMXswziR3/xLgh+sHvgCUZXTLX8=" moz-do-not-send="true">
                  https://github.com/eprints/eprints3.4/issues/118</a></p>
              <p style="margin-top:0px; margin-bottom:0px">[3] <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fbazaar.eprints.org%2F379%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=cbQVwJDUsfxB1bOHk1XPw7a95uBZB%2BhkM6839bZjplQ%3D&amp;reserved=0" originalSrc="http://bazaar.eprints.org/379/" shash="VU+I0aIZjVTKMB+CLQNsRMoaWhHPvmPVKesoR4t+pH145nDR40A2sQrgLU5QFb1OHYPcI0aAn2NxKQgg/GFnSEcvpPLCUrrhRamu6ibzaq3dAZOTkudDXxnl40q88Sy00/kstj1viEJEhMkH6YukGdDEUBWQYpRYDCGsOSR4owU=" originalsrc="http://bazaar.eprints.org/379/" shash="v5qEbUZpNikWPndch9n/Jm9x882OcVciWFA2tTkeh1qH8qn8Z7CqntrzIGULWR3lvkwJo730kPg6FUhVnARDmJgBTpQGPDy8eoS0D2zwK0MVzHR4w1Uo8s7B+BJqWAlRZTO+MZ1IXlHAxl5LbrtVvpMD2q9bF1zhqH+DUn7g07U=" moz-do-not-send="true"> http://bazaar.eprints.org/379/</a><br>
              </p>
              <p style="margin-top:0px; margin-bottom:0px">[4] <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fblob%2Fmaster%2Fperl_lib%2FEPrints%2FURL.pm%23L129&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=YjTQ5xL8qJmquwM3pdQwCJmj2Tdb4CAqTzWMqATmAsY%3D&amp;reserved=0" originalSrc="https://github.com/eprints/eprints3.4/blob/master/perl_lib/EPrints/URL.pm#L129" shash="P1bWvQSNT+bNs+uVat3sdrVydsn50vsHZJLU4FxPGuxnmLuu90uuZP4z0489m4IWy0YNo0ai2CEJy53Uv/tlQOv2heXxO+2pLDOCbtH6UarcN5rkhK4dlSxO3AnmMMkhPsPDP50WlBg0MW+4ISWDAcqjLl+5g9hI79Yl5mtfnMo=" originalsrc="https://github.com/eprints/eprints3.4/blob/master/perl_lib/EPrints/URL.pm#L129" shash="riuaS1xCFrJm5clwwZXYNQTq+/vbXbD7fprTC6IacQyBHpupmpcjUXIq/cq2mJ6oEAcIoN8wmUgH2/hhSbBhiZq4fCQTMik8xJsGzt+hhkUjXWAGWlODnaRP+pp4Xnu8hQBlB9SHzUbboQRN6IE5L6FPJnYNMx3DO8/mRQVV2hY=" moz-do-not-send="true">
https://github.com/eprints/eprints3.4/blob/master/perl_lib/EPrints/URL.pm#L129</a></p>
              <p style="margin-top:0px; margin-bottom:0px">[5] <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FEPrints_3.4.3%23Configuration_URLs_and_Paths&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=tkfwyjDxuDGpKwZXBEHX71BpqOT6laFB6%2FAU7puicxM%3D&amp;reserved=0" originalSrc="https://wiki.eprints.org/w/EPrints_3.4.3#Configuration_URLs_and_Paths" shash="s3/IGZt9H4PYOBayvay5FlAGVa8CF3YHZhWN42w1reWWxBFCOh94ki/kKgB4XSNiXOD7o5/KIGKKRxLyThzgT2cWCgcqLaoL7E+9Y64er5QIYKqeoNnjthO3oQNK5JRHOV3pJwsCpbTDyKEnNhPz2PPowvodq60QPXukO2aUeDo=" originalsrc="https://wiki.eprints.org/w/EPrints_3.4.3#Configuration_URLs_and_Paths" shash="JIjluqJlDtvkTOR43oq+VwdCN8Mqv4u4htPpa/gMF7qrhEDrc9fMfglcf1e8PbGACAFTroNkXSuZqfaB5ptA7NzNdam+5F0fA1qlKVWkYhQBDzEL70pKb9+1knzXj48yGUxFw827b99imMunvMNOA9YEEN8nThXcs2FUBRba4xY=" moz-do-not-send="true">
https://wiki.eprints.org/w/EPrints_3.4.3#Configuration_URLs_and_Paths</a></p>
              <p style="margin-top:0px; margin-bottom:0px"><br>
              </p>
              <div class="x_x_moz-cite-prefix">On 23/12/2021 23:12,
                Tomasz Neugebauer via Eprints-tech wrote:<br>
              </div>
              <blockquote type="cite">
                <div style="padding-bottom:10px; padding-top:5px">
                  <div style="padding:12px; border:1px solid #8D3970;
                    background-color:#F7F9FA; color:#8D3970;
                    font-size:14px; line-height:22px;
                    font-family:Calibri,Arial,Helvetica,sans-serif"> <strong>CAUTION:</strong>
                    This e-mail originated outside the University of
                    Southampton. </div>
                </div>
                <div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> I thought​ that I
                    resolved all of the &quot;mixed content&quot; warnings on our
                    repository a while back, but after a recent upgrade
                    from 3.3.12 to 3.4.3, I noticed that I have some
                    mixed content warnings again, specifically on the
                    thumbnails on the abstract pages.&nbsp; I might have
                    missed some of these warning before, though, so this
                    might not be a new issue after the upgrade.&nbsp;&nbsp;</div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> <br>
                  </div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> Because I have
                    HSTS headers, the browser redirects those those
                    requests to HTTPS, but I would like to fix it.&nbsp; Both
                    the SRC and the HREF of the thumbnails for PDFs are
                    referenced as HTTP instead of HTTPS.&nbsp; The only thing
                    that fixed it during my testing was if I was to
                    remove (comment out) &quot; the&nbsp;<span style="background-color:rgb(255,255,255);
                      display:inline!important">$c-&gt;{host}<span>&nbsp;</span></span>
                    line/ariable in 10_core.pl</div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> That resolves the
                    issue, but I'm worried to apply this change because
                    I don't know if something else might rely on that
                    variable.</div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> <br>
                  </div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> I spent a good
                    part of a day trying to follow the code, and I know
                    that the {scheme} variable in URL.pm doesn't get
                    properly set to https in the case of the thumbnails,
                    but the code is so confusing when it comes to the
                    thumbnail URLs that I can't figure out why.&nbsp; I do
                    have a suspicion that there is a bug in the core
                    code somewhere, but perhaps it is something in our
                    own configuration.&nbsp;</div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> I know this issue
                    is not new to this list, in fact, I wrote the first
                    drafts of the HSTS page on the Wiki (<a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FHTTPS-only_and_HSTS&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=rIk34pI15CjOJT5WZpx%2FHpCNRX6rEoaH%2BHoOWGIEw8A%3D&amp;reserved=0" originalSrc="https://wiki.eprints.org/w/HTTPS-only_and_HSTS" shash="EI39R1bV+3tbOdayXIeSwN0AcKNDnKmdy2N/69/LvLTxaKQzPy13M7bfRh/7Pk+KJTKSwmDBvCnT66C/AJQv19wHJgs5m2F3F0yIV17fZ60zqVBZlFU59gxfrsxY1BdFGFLR+e+BNnc95Sqlkso54IKJ6YBA1YPWWsX1i39k3a4=" originalsrc="https://wiki.eprints.org/w/HTTPS-only_and_HSTS" shash="uQWr70l9igwt+k/MqbbmUok+1Swge0s818fWhk929ZHovrODndxcGNSH5mhSDiZgehvtu19TqYOBwUmBxT1p5yLUZq9tRC80uHOeAeC09W/bg8PpQZRYO7IdOZ+hnjGiWjtC5/fYauj9rsAO0giuadrmvsIJMSnQXSXBKDRgoj0=" id="LPNoLPOWALinkPreview" moz-do-not-send="true">https://wiki.eprints.org/w/HTTPS-only_and_HSTS</a>),
                    but looking through the updated page there and any
                    recent exchanges that relate to this didn't help me
                    figure it out.&nbsp;&nbsp;</div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> Let me know if
                    you have any ideas?</div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> <br>
                  </div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> Best wishes,
                    <div>Tomasz</div>
                  </div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> <br>
                    <br>
                  </div>
                  <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                    font-size:12pt; color:rgb(0,0,0)"> <br>
                  </div>
                  <div>
                    <div id="x_x_Signature">
                      <div>
                        <div name="x_x_divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif;
                          font-size:; margin:0"> </div>
                      </div>
                    </div>
                  </div>
                </div>
                <br>
                <fieldset class="x_x_moz-mime-attachment-header"></fieldset>
                <pre class="x_x_moz-quote-pre">*** Options: <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmailman.ecs.soton.ac.uk%2Fmailman%2Flistinfo%2Feprints-tech&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=EsVwWE8MT%2Fe6JUJSuI%2BpNLkwXdyfkztjpo2UAq%2Bz1I4%3D&amp;reserved=0" originalSrc="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" shash="Inw/AvCvnEDwRsisq3oFPGxcxbHL5TfaEkc8XRTxKe1gLVCHdk1vDMDgFFG5tp5OekUViqtAzEVN3kXehF/Cyeb6NilXXSip0ltuCaI33BdzjeC3kiKDwm03XDx/p5kNXm1tvF3RbEZ9q6/aMFcIuYuhovD69+pLGOkLwTUX84s=" originalsrc="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" shash="uI1Xk3iT1XW0dNnAMfIA+1CCbJYFansPmDYgds1/4TIaio4H0cpnYuJKZAvG0Lq+4ala4fTCReANeMxpNXhzzwJyTWeGjrL7JD215/z8wGgVNEGKP2lc5/ShRFfWI76dirATxJM39GJ78Ff6iZHGsGUwhQbSFP5lRQK6IgShwzg=" moz-do-not-send="true">http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech</a>
*** Archive: <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=5PsJmZnRiWsJMJ7XcZzG%2FFf1zn9lQi%2BZvZHbUEaGGyQ%3D&amp;reserved=0" originalSrc="http://www.eprints.org/tech.php/" shash="HMV2G8+51k7DJOXyjjj4lbBGXS1A7Uv43Zx69RWVgE5wiPGiBgkOqNcGAurX1+Icp70xOIBhkMS3NNrhH8N0yvMy5au6eGsvVE0mOYI9+ZDGwB4kjKSPPR4AWR3KFAax+y8D6SR+qPueBfVIvQcxIIXEpzdxl5etC46qPXRfmYI=" originalsrc="http://www.eprints.org/tech.php/" shash="Ac6jWYPCDXQ7NMMNPkQcPBnbG6qcwgiWmiv/JGdsRp7S2bm+GhBBViM+lHLx+Giupu+K5oF7DGI1fFsmRfqvS52Oy4HML7KNFpaHVq41oqsB/F21LBnTUQswRQejnMr8o/McmV8aCMyvSzX5XNQZKsTBpJO1tU9Wq8L0ECWi+1Q=" moz-do-not-send="true">http://www.eprints.org/tech.php/</a>
*** EPrints community wiki: <a class="x_x_moz-txt-link-freetext" href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=0FyVhX0h0ehyw%2B%2BdW2c9ytktTUD6gCHEhTol6haJY2g%3D&amp;reserved=0" originalSrc="http://wiki.eprints.org/" shash="O8ikOyLnpsNBU+qrMpG4IOAjf63k8WDEnRu6mtJSZp4gnrxa7Pz006IpQt8Op+YzupqjnI9i+R9EL1ldJ3WSWRKG9MGf8JwQfD6sIbmqMTLb0UemUYQNqYudwd9Br5kf1cecHdEdaszj+AiDuhSptrsl8aTLwtNLoYYpaWBOVVM=" originalsrc="http://wiki.eprints.org/" shash="CPAlMLefr8Hz/1MhGpmaCLw2ld50iSOuBC+I3vnaF49Aq1vDzPwILkhUOrVhrfjM1OLuLmAgYPgmfywKNJiv9bScpC0XBbQNBiM4uJfysXyrbQhzti5bvO7RQdWqBhCV98/7dBfCrOSePCbXx+2kAAHZ54lihyOTkZ/DQweQNm8=" moz-do-not-send="true">http://wiki.eprints.org/</a></pre>
              </blockquote>
              <div id="x_x_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br>
                <table style="border-top:1px solid #D3D4DE">
                  <tbody>
                    <tr>
                      <td style="width:55px; padding-top:13px"><a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=JUTrMdOkIylhGmt0xuuzB7BL390Njidgtpc5%2BEqv1UU%3D&amp;reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="xmkttIXnSLipOtSTKnrHtlLKTaZkxfAfKJ11AL5lTvcPgm4HQ74NXVH1ebcVkWdmARFHxjqEkzmZWffHCz4QewpUjwKvZQDNT5vaqaHsUNoqYlaH4iidBtetpdQQ+9w1pm0z0/kD3VfO7iK2orYWwICkRh4cCCCNCzIhp4IGAJI=" originalsrc="http://www.avg.com/email-signature?utm_medium=email&amp;utm_source=link&amp;utm_campaign=sig-email&amp;utm_content=emailclient" shash="RPGuzKbuhudA9Dygblov6lms71/aoCARzpEM6Ak6v6ZhqTCKY2VC6G2dJX6Kx4cjPooPUxzHj+XM0HT38/olDq1GHpYAp0F/qsGeYSIqUfgDSbXM6f2PiJ0Ox2YxZEWstmuIfM6vBAy0SR6+weftK5wGz+4YNspVTX8iVfxHf/o=" target="_blank" moz-do-not-send="true"><img alt="" style="width:46px; height:29px" src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-green-avg-v1.png" moz-do-not-send="true" width="46" height="29"></a></td>
                      <td style="width:470px; padding-top:12px;
                        color:#41424e; font-size:13px;
                        font-family:Arial,Helvetica,sans-serif;
                        line-height:18px"> Virus-free. <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&amp;data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cdce7acca6d47498ed0e008d9d1d7ec1e%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637771547567260356%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=JUTrMdOkIylhGmt0xuuzB7BL390Njidgtpc5%2BEqv1UU%3D&amp;reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="xmkttIXnSLipOtSTKnrHtlLKTaZkxfAfKJ11AL5lTvcPgm4HQ74NXVH1ebcVkWdmARFHxjqEkzmZWffHCz4QewpUjwKvZQDNT5vaqaHsUNoqYlaH4iidBtetpdQQ+9w1pm0z0/kD3VfO7iK2orYWwICkRh4cCCCNCzIhp4IGAJI=" originalsrc="http://www.avg.com/email-signature?utm_medium=email&amp;utm_source=link&amp;utm_campaign=sig-email&amp;utm_content=emailclient" shash="RPGuzKbuhudA9Dygblov6lms71/aoCARzpEM6Ak6v6ZhqTCKY2VC6G2dJX6Kx4cjPooPUxzHj+XM0HT38/olDq1GHpYAp0F/qsGeYSIqUfgDSbXM6f2PiJ0Ox2YxZEWstmuIfM6vBAy0SR6+weftK5wGz+4YNspVTX8iVfxHf/o=" target="_blank" style="color:#4453ea" moz-do-not-send="true"> www.avg.com</a> </td>
                    </tr>
                  </tbody>
                </table>
              </div>
            </div>
          </div>
        </div>
      </blockquote>
    </blockquote>
  </body>
</html>