DCS-LCSR / SignStream3

Sign language linguistics annotation software

Http/Https #555

Closed gregorydimitriadis closed 1 year ago

gregorydimitriadis commented 2 years ago

In terms of access to sign bank images/videos from within SignStream app

gregorydimitriadis commented 2 years ago

Added to Todo milestone on zoom call with Chuck 2022-09-29

cneidle commented 2 years ago

In case this is helpful:

On Jan 4, 2021, at 9:05 AM, Gregory Dimitriadis [gregdimi@cs.rutgers.edu](mailto:gregdimi@cs.rutgers.edu) wrote:

Hi Carol, Augustine, (Happy new year!)

I looked at this quickly - it appears that the DAI server is now expecting the URLs to pass the ID of the occurrence's parent variant: https://dai.cs.rutgers.edu/dai/s/occurrence?id_SignBankVariant=716

Previously it was accepting sign text, and this is what the signstream code is currently sending: http://dai.cs.rutgers.edu/dai/s/occurrence?sign_text=CAR

It's a quick fix in the code - I think we just weren't aware it had changed/was going to change.

-Greg

cneidle commented 2 years ago

From: Douglas Motto douglas.motto@rutgers.edu
Subject: Re: Time to meet briefly?
Date: January 6, 2021 at 3:47:24 PM EST
To: Carol Neidle carolneidle@mac.com, Gregory Dimitriadis gregdimi@cs.rutgers.edu
Cc: Augustine Kwasi Opoku augustine.opoku@gmail.com

Hi Augustine,

I was just discussing with Carol some of the issues this year with https and the dai website. I informed her that when http->https was forced on the dai website, http requests from SignStream failed. SignStream wasn't set up to follow the http -> https redirects. I gave her two options.

A) Change SignStream to not only use https but also follow redirects (just in case)...and...change the dai server to once again redirect everything http -> https. With the caveats that...if any old OS that uses Signstream has a CA certificate problem then SignStream would still fail...and...all old versions of SignStream using http only would immediately break.

B) Leave SignStream to use http requests and poke http holes on the dai server where that is needed for SignStream. The caveat being a few times already we missed "where that is needed for SignStream".

She chose "B".

I just wanted to make sure this was OK with you and verify that you're using the "secure" flag for the session cookie in your app (so it doesn't get sent by accident over any of the holes we punch).
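The two checks raised in the e-mail above (a client that follows http -> https redirects, and a session cookie carrying the Secure attribute so it is never sent over an http hole), as an added example that is not SignStream or DAI code. The cookie name, the host `dai.example` and the redirect table are constructed, and cookie domain/path matching is left out.

```python
from http.cookies import SimpleCookie
from urllib.parse import urljoin, urlsplit


def cookies_attached(set_cookie_headers, url):
    """Names of cookies a client would send to `url` (scheme rule only).

    Simplified model: domain and path matching are ignored; the only rule
    applied is that a cookie with the Secure attribute is never sent over
    plain http.
    """
    is_https = urlsplit(url).scheme == "https"
    sent = []
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            if morsel["secure"] and not is_https:
                continue  # Secure cookie withheld from a cleartext request
            sent.append(name)
    return sorted(sent)


def follow(start_url, redirects, max_hops=5):
    """Walk a redirect chain, allowing http->https but never https->http.

    `redirects` maps a URL to its Location header (constructed stand-in for
    the server). Returns the final URL; raises ValueError on a downgrade
    or when the chain is longer than max_hops.
    """
    url = start_url
    for _ in range(max_hops):
        location = redirects.get(url)
        if location is None:
            return url
        target = urljoin(url, location)
        if urlsplit(url).scheme == "https" and urlsplit(target).scheme != "https":
            raise ValueError(f"refusing downgrade: {url} -> {target}")
        url = target
    raise ValueError("too many redirects")


# Constructed sample data, not taken from the DAI server.
HEADERS_WEAK = ["SESSIONID=abc123; Path=/; HttpOnly"]
HEADERS_SECURE = ["SESSIONID=abc123; Path=/; HttpOnly; Secure"]
HTTP_HOLE = "http://dai.example/dai/s/occurrence?sign_text=CAR"
REDIRECTS = {HTTP_HOLE: "https://dai.example/dai/s/occurrence?sign_text=CAR"}
```
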

cneidle commented 2 years ago

Augustine thinks that this has already been resolved. We can discuss if there is reason to think it has not. As I understand, the Sign Bank can deal with requests for either http or https. Proof is that the current Sign Bank files have no problems in accessing DAI pages.

douglas-motto-at-rutgers commented 1 year ago

After discussing the situation with Chuck, he felt that moving to https is a more compliant access method which would result in longer term usability of the application. Direct http communication is slowly being deprecated.

douglas-motto-at-rutgers commented 1 year ago

The signbank search (displaying images and videos) still uses http due to the signbank file pointing to http addresses. That should change. Made new issue for this...

https://github.com/DCS-LCSR/ASL-DAI/issues/395

douglas-motto-at-rutgers commented 1 year ago

Otherwise ver pre_2023_02_03_1540 looks to now use https.

douglas-motto-at-rutgers commented 1 year ago

Tested these upgrades...

3.3.6->3.4.1 3.4.0->3.4.1 3.4.1->3.4.1

All worked.

gregorydimitriadis commented 1 year ago

> Tested these upgrades...
>
> 3.3.6->3.4.1 3.4.0->3.4.1 3.4.1->3.4.1
>
> All worked.

@douglas-motto-at-rutgers was this meant for a different issue?

douglas-motto-at-rutgers commented 1 year ago

Made related issue, regarding upgrades to older SS versions for HTTPS...

https://github.com/DCS-LCSR/SignStream3/issues/642

douglas-motto-at-rutgers commented 1 year ago

> > Tested these upgrades... 3.3.6->3.4.1 3.4.0->3.4.1 3.4.1->3.4.1 All worked.
>
> @douglas-motto-at-rutgers was this meant for a different issue?

no...testing the https upgrade scripts.

cneidle commented 1 year ago

Perhaps a dumb question:
But it seems like http:// calls are automatically converted to https:// calls by the DAI Sign Bank. This happens with lots of websites.

Is that not sufficient to ensure security?

cneidle commented 1 year ago

Sign Bank pages appear to be loading properly.

douglas-motto-at-rutgers commented 1 year ago

At this time this is not a security issue. This is a future compatibility concern. The HTTP protocol is slowly being completely phased out. While right now HTTP requests are converted to HTTPS...in the future HTTP requests may be blocked or simply turned off.

The SS update and SB retrieval scripts have been updated to use HTTPS.

The signbank itself (from the dai) still includes http references. This can be changed later and is outside of this github issue.

cneidle commented 1 year ago

I believe we can now close this issue.

Augustine has changed to https: for references in the new SignStream Sign Bank file that he is about to release.

But I'll leave it to you to close this, just in case there is anything more in the above discussion that needs attention. Thanks.

@kwasiopoku just FYI

gregorydimitriadis commented 1 year ago

Released in 3.4.1