Closed wouterbeek closed 6 years ago
Sounds good, except the auto redirect: https endpoints aren't queryable (without a proxy) from http
@LaurensRietveld I do not fully understand what you mean. HTTPS SPARQL endpoints can be queried from an HTTP deployment of YASGUI. Specifically, https://dbpedia.org/sparql can be queried with http://yasgui.org
It uses the yasgui sparql proxy though. That's something that introduces latency, so I'd like to avoid using the proxy if that's possible
@LaurensRietveld I still need a bit more help to understand this... If I go to http://yasgui.org and I send a query to endpoint https://dbpedia.org/sparql, which SPARQL proxy is used for that?
This one: https://github.com/OpenTriply/YASGUI.server It's used when yasgui can't access an url from the client (e.g. When it's not CORS enabled, or when it's an http - > https request). To verify check where the request goes in your browser toolbar when executing the query
Thanks for clarifying! Please check whether my understanding is correct now (just to be sure): if YASGUI moves to HTTPS fully, the following two situations arise:
(2) is fine, but (1) is not possible out-of-the-box, because HTTP SPARQL endpoints are not allowed to be queried from within the HTTPS YASGUI deployment. What is possible is to let a proxy translate between the HTTPS YASGUI deployment and the HTTP SPARQL endpoint.
BTW I tried (1) above and this is what the Chrome developer console tells me:
Mixed Content: The page at 'https://yasgui.org/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://dbpedia.org/sparql?query=ASK%20%7B%3Fx%20%3Fy%20%3Fz%7D'. This request has been blocked; the content must be served over HTTPS.
So currently this proxy that you refer to does not yet work for upgrading HTTP->HTTPS requests?
Ha! I expected that to work. Definitely a bug though. But anyway, a good reason the keep the http version for now 😉
I agree, if HTTP endpoints cannot be queried from within an HTTPS YASGUI, then an HTTP YASGUI deployment should remain in place (and should also be the default) for quite some time.
However, it is nice that people who know that they will only query HTTPS SPARQL endpoints can also use https://yasgui.org (but this should not be the default).
The bug where https endpoints can't be accessed via http is resolved now as well. closing
Currently most links point to http://yasgui.org, but https://yasgui.org also exists.
Updating those links in documentation etc. is easy and something I can do. In addition, the HTTP version should redirect to the HTTPS version.