[geomoose-psc] https for geomoose.org
Dan Little
theduckylittle at gmail.com
Sat May 27 07:49:46 PDT 2017
Should we just make a stable "foss4g-next.png" on geomoose.org?
On Fri, May 26, 2017 at 7:39 PM, James Klassen <klassen.js at gmail.com> wrote:
> Yep.
>
> On May 26, 2017 18:29, "Eli Adam" <eadam at co.lincoln.or.us> wrote:
>
>> On Thu, May 25, 2017 at 7:23 PM, Jim Klassen <klassen.js at gmail.com>
>> wrote:
>> > Looks like the "OpenStreetMap - Black and White" layer is the only one
>> > that isn't available over https. I have updated the rest of the
>> > externally referenced layers in master as well as the google maps API
>> > and copied the foss4g2017 logo internally.
>>
>> Looks like this was for 2.# demo, not 3.0.
>>
>> Eli
>>
>> >
>> >
>> > On 05/25/2017 06:51 PM, Eli Adam wrote:
>> >> On Thu, May 25, 2017 at 4:53 AM, Dan Little <theduckylittle at gmail.com>
>> wrote:
>> >>> Sorry this is only a partial answer...
>> >>>
>> >>> We can move almost all of that stuff to schemaless urls. Simply
>> remove
>> >>> "http:" from the URL and they'll automatically switch between http and
>> >>> https.
>> >>>
>> >>> On Wed, May 24, 2017 at 10:24 PM, Jim Klassen <klassen.js at gmail.com>
>> wrote:
>> >>>> I have enabled https on the *.geomoose.org sites. Besides generally
>> >>>> being considered a good idea lately, and Let's Encrypt making it
>> trivial
>> >> Yes, good to use https, also if we use https, that is useful testing
>> >> for people who want to run with https.
>> >>
>> >> Let's Encrypt is good but we need to have our automated renewal
>> >> working well. Some sites seem to never figure that out and are always
>> >> down because of it.
>> >>
>> >>>> and free to do so, the motivation is that some features in GeoMoose
>> 3.0,
>> >>>> most notably the "Find Me", are blocked by Chrome if they don't
>> >>>> originate from an a site served by https.
>> >>>>
>> >>>> This does cause some warnings and blocking now from pulling things in
>> >>>> from non-https external sites.
>> >>>>
>> >>>> The FOSS4G image hosted at mapserver.org has no https equivalent
>> that I
>> >>>> have found. We could self host as an easy work around.
>> >> Seems that this should be hosted on http://2017.foss4g.org/ but that
>> >> isn't https either.
>> >>
>> >>>> The Google maps API in 2.x is pulled in using
>> >>>> http://maps.googleapis.com and not https://maps.googleapis.com (or
>> >>>> //maps.googleapis.com).
>> >>>>
>> >>>> OpenStreetMap is pulled in from XYZ using http (defined in the
>> mapbook)
>> >>>>
>> >>>> ArcGIS 9.3 Rest Example is pulled in using http.
>> >>>>
>> >>>> Weather Radar is pulled in using http.
>> >>>>
>> >>>> These will require a patches to all the active 2.x series branches so
>> >>>> they are picked up in the demo.
>> >>>>
>> >>>> There is probably more, but this is what I found in a quick test. I
>> >>>> haven't checked if the remote sites are available over https or
>> not. If
>> >>>> they are not, are the mixed-content warnings acceptable?
>> >> If we are demonstrating an https instance, that doesn't really do it.
>> >>
>> >>>> Other thoughts?
>> >> https is sometimes slower which could make the demo look slow but it
>> >> still seems plenty fast to me testing (although with many images http
>> >> that isn't really testing anything).
>> >>
>> >> Thanks for doing this Jim.
>> >>
>> >> Eli
>> >>
>> >>>> _______________________________________________
>> >>>> geomoose-psc mailing list
>> >>>> geomoose-psc at lists.osgeo.org
>> >>>> https://lists.osgeo.org/mailman/listinfo/geomoose-psc
>> >>>
>> >>>
>> >>> _______________________________________________
>> >>> geomoose-psc mailing list
>> >>> geomoose-psc at lists.osgeo.org
>> >>> https://lists.osgeo.org/mailman/listinfo/geomoose-psc
>> >
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geomoose-psc/attachments/20170527/e71c13d0/attachment-0001.html>
More information about the geomoose-psc
mailing list