Licensing works on localhost with HTTP/HTTPS but will not work on server using HTTP

Question

Licensing works on localhost with HTTP/HTTPS but will not work on server using HTTP

joshberg opened this issue 3 years ago · 2 comments

Describe the bug
The licensing plugin does not seem to function properly using HTTP on my production server. It just hangs.

To Reproduce
Steps to reproduce the behavior:

Try to access guidechimp on a server through HTTP instead of HTTPS

Expected behavior
I expected it to function the same in my production environment as it did in my dev environment.

Screenshots

Desktop (please complete the following information):

OS: Windows Server 2021 R2
Browser: Chrome
Version: 91.0.4472.101 (Official Build) (64-bit) (cohort: 91_Win_77)

Additional context
There is nothing in the plugin documentation that states it requires HTTPS.

Answer 1 · 2021-06-15T10:14:57.000Z

Hello @joshberg

In the licensing plugin we use WebCrypto API, access to the WebCrypto API is restricted to "secure origins" and crypto.subtle is supposed to be undefined in insecure contexts.

“Secure origins” are origins that match at least one of the following (scheme, host, port) patterns:
(https, *, *)
(wss, *, )
(, localhost, )
(, 127/8, )
(, ::1/128, *)
(file, *, —)
(chrome-extension, *, —)

Why are you using unsecured http for your production environment?

Answer 2 · 2021-06-15T12:39:53.000Z

It is an internal only web application. There is no access from the outside internet. I am in the process of converting it to https because of incompatibilities like these. Thank you for the explanation.