Use https
Closed this issue ยท 32 comments
I am embedding pages from cppreference in an iframe from a web app (the jupyter notebook), which fetches the resources from cppreference based on some tag file.
The problem is that when the connection to jupyter is https, the CORS setting disallow loading content from an insecure source. Would it be possible for cppreference to be served over https?
Could you ask this question on http://en.cppreference.com/w/Talk:Main_Page? The hosting of the website is handled by Nate Kohl, I don't think he monitors this repository.
Thanks! Closing this issue.
It does not seem that I have permission to contribute to this page on the wiki.
cc @natekohl
I've unprotected the page temporarily, you can edit now. Sorry for not checking earlier.
Thanks. I could edit the comments page! ๐
@SylvainCorlay Seems like nothing has been done about serving cppreference over https huh? Did you find any other fix ? I am running jupyterhub over https for my uni.
Hey @sigurdurb sorry for the late reply.
There has been some discussion with @natekohl and @yuvipanda about how to fix this and configure the old version of mediawiki used by cppreference, but no solution to the issue yet unfortunately.
Regarding your use at your Uni, are you using xeus-cling for C++?
Would upgrading MediaWiki to newer version make https support easier? Upgrading will need code changes to the skins though, I have most of that done some time ago, but it's not tested properly yet.
@SylvainCorlay Yes, I have it with xeus-cling. Right now I am just testing it but maybe next fall we will start using it with Jupyterhub.
@SylvainCorlay Yes, I have it with xeus-cling. Right now I am just testing it but maybe next fall we will start using it with Jupyterhub.
Awesome! If you have any question on xeus-cling, don't hesitate to hop on our permanent chat. https://gitter.im/QuantStack/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
The changes are in the upgrade-1.27 branch. They have been done long ago, I don't remember the state of that code.
I'm currently mentoring a programmer that could look into this in several weeks.
huh? :)
Hmm, why is CSS working over HTTPS for https://en.cppreference.com/w/cpp/container/map
but not the other pages, like https://en.cppreference.com/w/cpp/container/vector
I think that if Nate has turned on https temporarily, then some pages might have been cached within MediaWiki with https links to stylesheets, thus they work.
@natekohl: Could it be that the reason you saw https not working was that you saw cached pages? I think MediaWiki does not purge HTTP cache automatically after configuration changes. A quick way to verify would be to add ?action=purge
to a URL of a broken page when https is on.
woot!
This seems to work, but we still need to do ?action=purge
on each new page (I just did it on the front page).
Can it be done globally?
@natekohl I think you can just delete the en
, de
, etc. directories within the cache directory - that's where all the html files reside. Be sure not to delete .htaccess accidentally :-)
Even with ?action=purge
I am seeing some issues with the loading of javascript assets from CDNs over http.
Maybe these could be always loaded via https?
'https://en.cppreference.com/w/cpp/container/vector' was loaded over HTTPS, but requested an insecure script 'http://cdn.jsdelivr.net/ace/1.2.4/noconflict/ace.js'. This request has been blocked; the content must be served over HTTPS.
@natekohl It seems there are other caches where various bits of information are cached. Maybe running purgeList.php --all --purge
maintenance script would help?
@SylvainCorlay: The http://cdn.jsdelivr.net/ace/1.2.4/noconflict/ace.js script issue is caused by https://github.com/p12tic/cppreference-doc/blob/master/gadgets/coliru_compiler.js#L548. I've fixed this few seconds ago on the wiki. Unfortunately it seems that http://coliru.stacked-crooked.com/ does not yet support https and we will need some kind of workaround for the "Run this code" button to work.
It looks like a competing cache issue. Have we tried setting $wgServer
to a protocol-relative URL?
I meant a protocol-relative URL like //en.cppreference.com
etc. (which will follow whatever protocol you are currently using), not just making it https.
The GeSHi thing is probably hardcoded somewhere and should be switched over.