Comments (13)
No osx. Can you check in the developer pane how the rquest looks? Http body/ response?
from volkszaehler.org.
Thanks for the good questions :-)
- it's about this here: http://support.xqueue.de/docs/artikel/firefox-blockiert-gemischte-inhalte/
- I've tried it with an empty profile (osx, as well) - error does not occur
-> my fault: accessing the URL using http instead of https (see above) the error does not occur
so, trying the same with FF 35 on Win8.1 (using https!) the same happens
console says:
'Lade gemischte (unsichere) aktive Inhalte auf einer sicheren Seite "http://demo.volkszaehler.org/middleware.php/entity.json?padding=jQuery21305514022129555723_1422094699433&_=1422094699435" jquery-....min.js (Zeile 4)'
I can't map this to the any of the changes, though.
Does that help? Can I provide more details?
from volkszaehler.org.
Reproducible on Windows FF35
from volkszaehler.org.
Mhm. Looks like a valid JSONP request: http://demo.volkszaehler.org/middleware.php/entity.json?padding=jQuery21305383623512019367_1422096647035&_=1422096647037
Wondering if this is part of the problem: http://stackoverflow.com/questions/4281274/jquery-ajax-404-handling
I'll look into this...
from volkszaehler.org.
Ok, Firefox is blocking "insecure content" on the https page. Once disabled, problem is gone. As you still have the problem, could you check what is being blocked by ff?
from volkszaehler.org.
Found it. The public MW request is http, not https: http://demo.volkszaehler.org/middleware.php/entity.json?padding=jQuery21301786527374471366_1422097116416&_=1422097116417
Now need to find why and where...
from volkszaehler.org.
Could you please check your options.json? How are the middlewares configured? Explicit http preventing https? If yes, could you check if this works:
remoteMiddleware: [{
title: 'Volkszaehler Demo',
url: '//demo.volkszaehler.org/middleware.php'
}],
from volkszaehler.org.
bingo! :-)
options.js has the default setting (see https://github.com/volkszaehler/volkszaehler.org/blob/master/htdocs/frontend/javascripts/options.js#L39), so it is set to http, not https.
I'd prefer to set the default to https (or have another entry with https; one of them could have a hint in its description); I'm surprised that omitting the protocol actually works; so - despite my lack of understanding why - that does work as well. If this is the way it should behave without the protocol, we could set it to that, as well. My first choice would be https, though.
Your opinion?
from volkszaehler.org.
Update:
Safari (on OSX as well as iOS) seems to dislike the new setting :-/
Apparantly the mix of http and https is the root cause.
Steps to reproduce:
- start Safari (v8.0.2 on OSX)
- open http://demo.volkszaehler.org/frontend/ with an empty list of channels (same behaviour if channels are present) -> pop-up "Kanal hinzufügen" shows -> click on "Öffentliche Kanäle" -> error message: "404: error
https://demo.volkszaehler.org/middleware.php/entity.json?padding=jQuery21306341436936054379_1422430832787&_=1422430832788:
Unknown middleware response"
Changing the url in remoteMiddleware (options.js) from https://demo.... to http://demo... or (!) "//demo..." solves the issue; "http" will cause the error with FF, of course.
I've justed tried "//demo..." (after checking against http://en.wikipedia.org/wiki/Uniform_resource_locator#Protocol-relative_URLs ) and it seems to work (currently demo.volkszaehler.org has this setting) for both FF and Safari (OSX and iOS)
from volkszaehler.org.
@justinotherguy what is the specific error displayed in the firefox console (developer console, opens with F12 on Windows)? What are the HTTP request/ response?
from volkszaehler.org.
@justinotherguy the problem is your certificate. Try https://demo.volkszaehler.org/middleware.php/entity.json?padding=jQuery21304080840314272791_1422543722973&_=1422543722974
Firefox:
demo.volkszaehler.org uses an invalid security certificate.
The certificate is not trusted because no issuer chain was provided.
(Error code: sec_error_unknown_issuer)
Chrome:
This server could not prove that it is demo.volkszaehler.org; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to demo.volkszaehler.org (unsafe)
NET::ERR_CERT_AUTHORITY_INVALID
Therefore, the solution to this problem must be:
- provide a real certificate if you want to use https
- change the setting back to http and ensure that http will remain available
- force every user to accept a security exception and document this behaviour
- ist actually what was in place before. It is valid as a default but not for demo when it's hosted on https.
For now, I'll change options.js
back to http
and you'll have to manually switch to your liking.
from volkszaehler.org.
@justinotherguy can we close this?
from volkszaehler.org.
- sorry for not responding any sooner!
- I don't think the cert is the issue - I have installed to root CA cert in my browser, the error message comes up anyway
- the error message (in FF, when I have set the URL to "http://" in options.js and access http://demo... is shown here: #231 (comment)
- apparantly my comment #231 (comment) ("bingo!") does not refer to your comment #231 (comment) ("url: '//demo"), but to your comment #231 (comment) ("Found it. The public MW request is http, not https") -> from what I can tell, using "url:'//demo" seems to fix all cases mentioned above (it's the setting that's still present in demo.volkszaehler.org).
I suggest, we'll set options.js to "url:'//demo" - agreed?
from volkszaehler.org.
Related Issues (20)
- Website down HOT 3
- Push Server seems to consume memory continually. Memory Leak? HOT 19
- Virtualsensor with hourly Price (e.g. Tibber) HOT 2
- Incompatibility of new DB structure and dbcopy
- Every two minutes mariadb warning
- 403 error in apache2 nach genauer anleitung des volkszähler HOT 19
- s0 zähler mit ardurino über usb auslesen HOT 4
- Frontend: Possibility to show weekly values (Enhancement)
- aggregate fails due to division by zero HOT 2
- Plot can not be hide in Frontend
- Network Error - Bad Gateway after Git update HOT 10
- vzcompress2 PHP Deprecated
- https://wiki.volkszaehler.org/hardware/channels/solar_inverters/deye re-implementation
- Service Temporarily Unavailable HOT 2
- Configuration of logrotate in Raspberry image incorrect HOT 2
- Frontend: rightmost bar graphs always overlap its neighbor
- PHP 8.2: Dynamic Properties are deprecated HOT 5
- PPM does not start - Symphony error HOT 1
- /misc/sql/demo.sql uses non existing column
- Cannot connect to MariaDB with standard compose file
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from volkszaehler.org.