Open scripting opened 1 year ago
scripting
commented
1 year ago I just fixed two problems reported by @scotthansonde.
It was loading outlinedialog.css over http. Not any longer.
In davehttp, the default favicon was specified using http. To get this fix you will need to update your instance of feedland using npm update.
scripting
commented
1 year ago Third problem reported by @scotthansonde required a bigger change.
As you may know, FeedLand defines a REST API that is called by the client app aka feedlandhome.
Those calls are going over HTTP. The server tells the client in a structure called appConsts, how to call back to the server.
Previously that URL was being defined as follows: "http://" + config.myDomain + "/" where xxx is the value myDomain which is defined in config.json. That worked fine until now.
There's now a config.json value called urlServerForClient.
You simply set that value to the URL for your web server in config.json. If you're using HTTPS, you do this as follows:
"urlServerForClient": "https://myserver.com/",
Once you make that change:
That takes care of a large class of formerly http requests emanating from FeedLand client.
scotthansonde
commented
1 year ago I'm out of town with only an iPad, but I was able to ssh into my instance, make the changes and restart. I was then able open my instance over https, sign in, and read my feed list with no errors in the console.
scripting
commented
1 year ago @scotthansonde — wow.
I bet there are still some things to fix, but that’s a great start.
voitto
commented
1 year ago I started on my new feedland server but haven't finished yet - I got a little too adventurous with docker and stalled out on a docker networking fiasco - will try to finish today if I can, really appreciate all of these refinements to make it work over both http and https
scripting
commented
1 year ago @voitto -- that was the plan all along. The rule is if you're giving your identity to a service, you gotta have https. My commitment is to the web. And I think https is really shitty technology, I'm sure Google if they tried just a little harder, or asked me, could have come up with more of a win-win and made all the bullshit you have to do actually get you something, but it is what it is. They're a shit company, but https is not Google.
scotthansonde
commented
1 year ago @scripting I'm back on my MacBook with proper Dev Tools 😃 I've set "flWebsocketEnabled" to false, I don't want to report any web socket errors yet. I've also set "urlFavicon".
I am just looking at my feed list and my news page. I see this error in the console:
I also see a web socket error despite having set "flWebsocketEnabled" to false:
Tomorrow I'll try changing my subscriptions, adding categories, etc.
scotthansonde
commented
1 year ago I've now started adding categories, subscribing to a feed, adding categories to my news page, etc. The only new error I'm seeing is that some images are not loaded.
It's trying to get the icon from 'https://static.scripting.com/', which of course does not have https. The console error:
On the whole, it works amazingly well.
voitto
commented
1 year ago update: I fixed my docker networking problem and went through the set up for Amazon SES email - waiting for DNS verification up to 72 hours and then I should have a working FeedLand server when that's done - will report back then!
voitto
commented
1 year ago 
got my FeedLand server working now
I think my database setup is causing trouble and I'm getting this error EAI_AGAIN, err.message == getaddrinfo EAI_AGAIN mysqldb
Dave let me know if you have info on that error? I will look into it more myself thanks
scripting
commented
1 year ago @voitto -- a few comments
voitto
commented
1 year ago 
I got it working, thanks for the help!
All right, you've read all about how I don't like Google forcing us to use HTTPS, I've tried to be clear where I draw the line. I don't have an issue with HTTPS itself -- and as I say in my manifesto, there are times when I want to use HTTPS. Like sites that manage user identity. And if FeedLand is doing its own identity then HTTPS is appropriate.
Where we're at
Assuming each of you has your own way of doing HTTPS. I see my part of the job as making sure that the FeedLand client doesn't make any http:// references.
I've already made this change in feedlandhome, which is the name for the client we're using. The one that you point to from the urlServerHomePageSource value in config.json .How you can see this:
go to your instance
view source
look in the <head> section
You'll see that all the .js and .css files are referenced via // instead of http:// -- that's enough to cue the browser to load it as HTTPS for pages being served via HTTPS.
That takes care a big chunk of the problem.
We've found a few other places where the browser-based code reads http:// files, and it looks like most of those will be easily fixed. There is one set that is vexing, at least at first glance, I'm going to think about it a bit and experiment, and if I still can't figure out what to do will add a description to this thread.
What to do
If you have a FeedLand installation up and running, and you want to help work out the issues wrt HTTPS:
Hook your FeedLand instance up to HTTPS.
Open the JavaScript console.
Do stuff.
Report errors. There will be a lot of them I expect. You don't have to report all of them. Let's just winnow the list.