Modify

Opened 4 years ago

Closed 2 years ago

#9778 closed enhancement (fixed)

option to use ssl for connections to josm.openstreetmap.de

Reported by: skyper Owned by: team
Priority: normal Milestone: 14.03
Component: Core Version:
Keywords: ssl homepage Cc:

Description

As OSM offers secure connections now, it would be nice to also offer it for connections to our page to download plugins, styles and preset with a secure connections

Attachments (0)

Change History (25)

comment:1 Changed 4 years ago by Don-vip

Priority: majornormal

this is not major as no personal information is involved.

comment:2 Changed 4 years ago by Don-vip

Ticket #8863 has been marked as a duplicate of this ticket.

comment:3 Changed 4 years ago by stoecker

In 6897/josm:

see #9778 - use TLS for JOSM website access

comment:4 Changed 4 years ago by Don-vip

I don't understand the wikireader stuff?

comment:5 Changed 4 years ago by stoecker

In 6898/josm:

see #9778 - fix brain damage

comment:6 in reply to:  4 Changed 4 years ago by stoecker

Replying to Don-vip:

I don't understand the wikireader stuff?

I thought the url was on the left side of the replace - it was on the right side, so that was crap :-)

comment:7 Changed 4 years ago by stoecker

Note: I believe the getXMLBase() must stay http or JOSM will do a request to the server for each XML. Was at least my impression when I first tested that shortly.

comment:8 Changed 4 years ago by Don-vip

Milestone: 14.03

comment:9 Changed 4 years ago by stoecker

In 6900/josm:

see #9778 - force fixed string for XML name base

comment:10 Changed 4 years ago by stoecker

Someone willing to test if there are side effects, when when change the defaults to https?

comment:11 in reply to:  10 Changed 4 years ago by skyper

Replying to stoecker:

Someone willing to test if there are side effects, when when change the defaults to https?

What do you mean and need ?

  • Do I simply have to change the protocol for the fixed string ?
  • Is it sufficient to unpack, change and repack or do I need to compile ?
    • Is it possible to have a test version ?
Last edited 4 years ago by skyper (previous) (diff)

comment:12 Changed 4 years ago by stoecker

Change "osm.url" and "josm.url" in advanced prefs.

comment:13 Changed 4 years ago by anonymous

I changed josm.url to https://josm.openstreetmap.de
But it does not work, all traffic to josm.openstreetmap.de is not encrypted.

(JOSM 6903)

comment:14 Changed 4 years ago by Don-vip

How do you know?

comment:15 in reply to:  13 Changed 4 years ago by skyper

Replying to anonymous:

I changed josm.url to https://josm.openstreetmap.de
But it does not work, all traffic to josm.openstreetmap.de is not encrypted.

Did you restart after changing the url ?

So far, I is running smoothly on my side.

I did start with a new/empty preference directory and after changing the URLs, I always did delete the cache folder within preferences. Even Plugins and Styles/Presets seem to work but I have to admit that I did not check with wireshark but relied on the URLs showing up on the console.

comment:16 Changed 4 years ago by anonymous

I checked with wireshark.

I tried again with new profile and now there is some encrypted traffic to josm.openstreetmap.de
But there is also unencrypted traffic:
http://josm.openstreetmap.de/plugin
http://josm.openstreetmap.de/plugin-icons.zip
http://josm.openstreetmap.de/browser/trunk/images/mapmode/improvewayaccuracy.png?format=raw

comment:17 Changed 4 years ago by stoecker

In 6905/josm:

see #9778 - delay initialisation of plugin download URL

comment:18 in reply to:  16 ; Changed 4 years ago by stoecker

Replying to anonymous:

I tried again with new profile and now there is some encrypted traffic to josm.openstreetmap.de
But there is also unencrypted traffic:
http://josm.openstreetmap.de/plugin
http://josm.openstreetmap.de/plugin-icons.zip

Should be fixed.

http://josm.openstreetmap.de/browser/trunk/images/mapmode/improvewayaccuracy.png?format=raw

Hmm, that must come from a style, preset or something else. Should not be loaded at all from remote!

comment:19 in reply to:  18 Changed 4 years ago by Don-vip

Replying to stoecker:

Hmm, that must come from a style, preset or something else. Should not be loaded at all from remote!

it comes from StartupPageSource :)

comment:20 Changed 4 years ago by Don-vip

So help.baseurl must be changed as well.

comment:21 Changed 4 years ago by Don-vip

Resolution: fixed
Status: newclosed

In 6920/josm:

fix #9778, fix #9806 - access OSM API and JOSM website in HTTPS by default + other HTTPS links where applicable + update CONTRIBUTION

comment:22 Changed 4 years ago by jjaf.de

Resolution: fixed
Status: closedreopened

Don't forget that you have tested with a local copy. Most users are using Java WebStart via <https://josm.openstreetmap.de/download/josm.jnlp> and it includes hrefs to HTTP so it downloads the main jar unsecured!

comment:23 Changed 4 years ago by Don-vip

Resolution: fixed
Status: reopenedclosed

In 6955/josm:

fix #9778 - more https accesses to josm website

comment:24 Changed 2 years ago by pendluuum

Resolution: fixed
Status: closedreopened

There are some important bits missing: Accoording to JOSMs stdoutput many plugins get downloaded and updated via http from svn.openstreetmap.org (e.g. "GET http://svn.openstreetmap.org/applications/editors/josm/dist/utilsplugin2.jar"). I've tried with a fresh profile and josm latest.

The plugin code gets executed if I understand correctly, so its download should be secured.

The cause seems to be the URLs in https://josm.openstreetmap.de/pluginicons ("https://josm.openstreetmap.de/pluginicons%<?plugins=>" in the plugin settings). Could these please be changed to https? The svn server is capable of it.

Thank you!

comment:25 Changed 2 years ago by Don-vip

Resolution: fixed
Status: reopenedclosed

HTTPS links are now provided. Thanks for the notice.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain team.
as The resolution will be set.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.