Features to add

[xMrAfonso]

Cookie Management This is self explanatory, currently we can manage sessions, give us a way to manage cookies, which is another type of "session" just long term.

Skript variables into JS variables PHP allows us to do this, websk, as a backend language, should also allow us to do it. This is useful if we want to use values in javascript and not directly html.

Functions that can be used inside html Unsure if this is even possible, or if it already exists and I just don't know about it but, add a way to add skript functions to html, on button click for example. So that when click a button, it runs a function like we can already do with JS or PHP.

[ItsTheSky]

Hello, thanks for your suggestions 😄 I'll answer them one by one :

• Cookies are totally at the right place on WebSk, and they will therefore be soon implemented!
• This can already he done, as the same way as PhP, for example:

  <script>
  var name = "{{show discord name of loop-value}}";
  // Do stuff with name
  </script>

• This can only be done in front end, which WebSk cannot manage. You can however make your own forms with only a button to detect a sort of click, thought a custom POST request

[xMrAfonso]

Addition:

Unsure if this is related to the skripting part of WebSK, but add a way to input our SSL certificate in the config.yml. This is impossible to do otherwise since the plugin is hosting the website and we can't add SSL to a website like we do with domains.

Answering you: You should then provide an example of it in the wiki, it would help people making such things.

[xMrAfonso]

Any progress on this?

[ItsTheSky]

Nope, I'm very busy currently and will work on it the holidays; SSL will not be however added to Websk, it offer too small possibilities and will be too difficult to implement with the current system. We'll however enhance the way to catch request protocal, and also some features like the request body, IP and more!

[Norbiros]

I think we can add this. com.sun.net have Https Server. We can create some kind of "if": when ssl is setted and key is good: open https server, else open hhtp server. In "new internet" all pages want to have ssl. Yes it can be difficult. But it will be nice addition. Links: https://letsencrypt.org/ https://stackoverflow.com/questions/2308479/simple-java-https-server

Using good implement we can have the same things. We can add parser etc.

About our current system i think, we can maybe rework simple http server and use Jetty? But we can talk about this later :)

[ItsTheSky]

I already looked about that and talk with someone too, however, sum p^rovide an horribly way to manage HTTPS connection and securitize them at runtime is almost impossible :/ But feel free to try and make a PR if you success it ^^

[xMrAfonso]

I mean, to be honest, not having HTTPS support will kinda "downgrade" WebSK, since, most of the people who want to use it, will use it for their minecraft server's websites and stores, and it's kinda hard to make a player trust an HTTP not secured website.

Even if it's too hard or takes too much work, it's a necessary sacrifice that will improve quality of life and accessibility by a lot.

[Norbiros]

Hello @AfonsoHackers, We will work on that. To make it easier to implement, Jens come up with great idea - reverse proxy. It will show https, but you will only connect with proxy that has https, but real http server will not have SSL. It will work the same as normal, but we don't need to change all code :D

It will still be hard to do, but more possible... But for smaller milestones - do you have any ideas what we can add? I already added request headers in another request...

Goodbye and see you soon!

[LowScarlet]

hey i need https for my front end API, there any progress?

[LowScarlet]

from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I hate this for sure

[Norbiros]

You want to make API for your page right? Web browsers, created something like CORS, you need to set header of response using this: return "" with new header with key "Access-Control-Allow-Origin" with value "*"

"*" means for all pages that will send request. If this api is on page `https://fooexample.com``` you can set value of this to this page.

You don't need https :) And there does not exist something as Front End API. API is backend. Front end is your website... BTW, sometimes I work on this repository, but sadly @jensjeflensje abandoned this project (He doesn't accept my PRs too)...

[LowScarlet]

You want to make API for your page right? Web browsers, created something like CORS, you need to set header of response using this: return "" with new header with key "Access-Control-Allow-Origin" with value "*"

"*" means for all pages that will send request. If this api is on page `https://fooexample.com``` you can set value of this to this page.

You don't need https :) And there does not exist something as Front End API. API is backend. Front end is your website... BTW, sometimes I work on this repository, but sadly @jensjeflensje abandoned this project (He doesn't accept my PRs too)...

thanks

[LowScarlet]

still need this T_T Mixed Content Error because http

[Norbiros]

If you do everything correctly - no need for https in api.

[LowScarlet]

If you do everything correctly - no need for https in api.

but, you can't mixed http API with https Website with Javascript..

[Norbiros]

You need to use more complex ways like Ajax, but it is possible. To make Https we need to create reverse proxy, @jensjeflensje want to create external service for that, but it need a lot of work. We can create proxy (https://www.javatpoint.com/java-http-proxy-server) in our plugin. Simple proxy is easy, but reverse is more complex (we need to create certificates, some way to enter them, using them etc.) But it is possible... Plugins like PLAN do things like this