search

plnkr / feedback

Feedback on Plunker
19 stars 11 forks source link

Non secure HTTP? #559

Open JohnInWI opened 2 years ago

JohnInWI commented 2 years ago

Trying to figure out if it's my browser or something changed with Plunker. I've been using HTTP: // connection to a websocket server to send commands to microcontrollers. Recently, I have not been able to to use HPPT:// - the browser defaults to HTTPS://

Is HTTP:// still available to Plunker users? thanks

ggoodman commented 2 years ago

Hi @JohnInWI, I'm sorry that you were affected by this. Because of some issues w/ how our phishing protection was working in certain environments and in keeping with the general progression of the web, we decided to force TLS across Plunker. Attempts to access plunker over http:// will be transparently redirected to https://.

Can you tell me a little more about your use-case and why you're hoping to keep using http://?

JohnInWI commented 2 years ago

Thanks for the response!

I volunteer/ teach robotics classes for kids. A number of years ago, I set up a non-secure server to broker commands from Plunker (and other softwares I use, depending on student level) via websocket. At the time, it was just easier and cheaper to set up non-secure. There are roughly 50 robots students built and coded with Plunker using the non-secure websockets. The students build the robots and keep them- so I suspect none of them are working. So be it.

Plunker works really, really well for my students. The preview, the autocomplete, the no-software-to-install and open-nature of it has provided a great learning platform. An example robot control app is here: https://plnkr.co/plunk/aFX7UcwbUbcAqbp3 The students start with a template I wrote and add JS code to make the robots perform specific tasks. It's really nice they can use the PC or their phones to control the robots.

I suppose I will need to secure my server and its websockets. Hopefully the robots- which use a cheap ESP8266 WIFI microcontroller- have the capability to connect securely. I think so? Thanks for developing Plunker- I've used it for developing numerous projects. Hopefully I can get the robots and server to interact with it securely.

ggoodman commented 2 years ago

@JohnInWI, if these robots are all reached through a common domain name, you might find that proxying it through CloudFlare will give you transparent TLS upgrades and shouldn't cost you a dime.

I think it's really neat to hear how you and your students have been able to use the platform and I'm sorry that this move affected them in this way!