Opened 11 years ago
Closed 11 years ago
#9720 closed enhancement (fixed)
Remote control: listen also in HTTPS
| Reported by: | Don-vip | Owned by: | team |
|---|---|---|---|
| Priority: | normal | Milestone: | 14.03 |
| Component: | Core remotecontrol | Version: | |
| Keywords: | https | Cc: |
Description
From https://lists.openstreetmap.org/pipermail/talk/2014-February/069028.html:
it works by loading a localhost URL in a hidden frame but that is active content so will be blocked by modern browsers if loading http from https. So unless JOSM were to accept https connections to the remote control there isn't much we can do.
It's right, I have this error message from Chrome:
[blocked] The page at 'https://www.openstreetmap.org/#map=19/44.00013/12.58910' was loaded over HTTPS, but ran insecure content from 'http://127.0.0.1:8111/load_and_zoom?left=12.586&top=44.001&right=12.591&bottom=43.999': this content should also be loaded over HTTPS.
Attachments (0)
Change History (6)
comment:1 by , 11 years ago
comment:2 by , 11 years ago
Under Linux we could try to generate a local one when openssl is installed.
comment:3 by , 11 years ago
It would be better to ship one. We could also generate it from Java but I fear it requires a JDK, not only a JRE.
comment:4 by , 11 years ago
There's also the option of http://docs.oracle.com/javase/6/docs/jre/api/net/httpserver/spec/com/sun/net/httpserver/HttpsServer.html
I don't know if this class is available in icedtea ?
comment:5 by , 11 years ago
| Milestone: | → 14.03 |
|---|
Hmm, what cert do we want to provide?