Closed brandonchinn178 closed 10 years ago
noahsark769
commented
10 years ago Let's just change it to https always instead of using the // form to use the same protocol - I believe that will mean that when we're developing locally, it will try to reach file://calchart-server.herokuapp.com, which won't work.
brandonchinn178
commented
10 years ago Well locally, it doesn't work either way because of Cross Origin requests. https also wouldn't work if people were on calchart viewer on http, because of mixed content (the original issue)
noahsark769
commented
10 years ago Right, but I feel like we would be building in brokenness for local development: trying to request a file:// url which doesnt exist is even worse than trying to request a url and getting denied due to CORS. I feel like just leaving it as https would be better for when we try to figure out a solution to the CORS thing (because really, we should be able to load live files from calchart-server when devleoping locally anyway, but thats not something we've implemented yet).
Also, according to this, there's no reason that serving the calchart-server content over https always is a bad idea. I believe there won't be a mixed content issue with loading https on an http page: rather the problem is when you try to load http content on an https page.
brandonchinn178
commented
10 years ago Alright sounds good. I'll change it to https
noahsark769
commented
10 years ago It's mergin' time
@noahsark769 There was an error with the autoload when people accessed Calchart Viewer via https, because we tried to access the server with http, and Firefox blocks mixing content between https and http protocols. Solution was simply to remove http: protocol in the AJAX call