New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Need to resolve issues with HTTP(S) settings #8
Comments
from @danielweck ========================== When
So, it would seem that the best URL format is: ========================== This is problematic because the Readium cloud/web reader app (just as any other website) cannot mix secure HTTPS and insecure HTTP, so we cannot use the optimum Example of a working Readium web/cloud reader link: ...also works with RawGit as this service responds with a HTTP 301 redirect to the above regular GitHub URL: ========================== Note that we currently have the exact same problem with packed/zipped EPUB files hosted at Firebase and Surge, so I will check our current configuration [8] to see if we can apply similar overrides as we do with the Readium2 NodeJS streamer [9]. [8] |
from @danielweck Quick follow-up about HTTP CORS: With a bit of help from https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS I fixed the Firebase headers configuration: CLI test:
Readium cloud/web reader test: |
from @danielweck Regarding the |
from @danielweck by the way: once HTTPS works with enforcement / auto-redirect (recommended practice nowadays), it might be worth considering setting a canonical URL for the Jekyll website: https://github.com/readium/readium.github.io/blob/master/_config.yml#L22 https://github.com/readium/readium.github.io/blob/master/_includes/head.html#L6 |
from @danielweck I realize I am digressing a bit in this email thread, but in fairness this kind of erroneous HTTPS configuration does in fact impact Readium.org 's ability to host sites, serve files, etc. (especially when handshaking across domains / origins, such as HTTP CORS with the cloud reader). ... anyway, I will just mention these last few debunking things (you may copy/paste for future reference, and/or pass onto web-admin @ Readium Foundation): HTTPS checks ( HTTPS checks ( WHOIS DNS lookup: A DNS lookup: CNAME DNS lookup:
(note the non-secure HTTP redirect with this last one ... I suspect "HTTP enforcement" has not been turned on in GitHub?) |
Above excerpts from this email discussion thread ( |
@danielweck |
The issue can be closed. |
The files posted at http://readium.org/readium-test-files/ do not have correct settings for HTTPS. This is mainly due to settings for readium.org.
The following notes from Daniel Weck.
The text was updated successfully, but these errors were encountered: