Results 1 to 5 of 5

Thread: Test loading from http server

  1. #1
    Sencha Premium User alexander.urban's Avatar
    Join Date
    Nov 2013
    Posts
    324
    Answers
    9

    Default Answered: Test loading from http server

    I want to test in a fiddle to load information from a remote http server.

    There is no direct possibility to load the same information from https, because the remote server does not support https.

    I hacked the following into a fiddle:

    Code:
    Ext.application({
        name : 'Fiddle',
    
    
        launch : function() {
            Ext.Ajax.request({
                url:'http://myhttpserver/firmware/current/version',
                method:'OPTION',
                callback:function(request, success, response) {
                    console.log(response);
                }
            })
        }
    });
    and I clicked "Run". The error is

    Mixed Content: The page at 'https://fiddle.sencha.com/#view/editor' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://myhttpserver/firmware/current/version'. This request has been blocked; the content must be served over HTTPS.
    This stackoverflow resource tells me that I cannot get it to work using additional code, headers or something like that.

    I did not find a way to load fiddle via http, I am always forwarded to a secure connection.

    So, the only way to test this would be to abandon sencha fiddle and use a local testbed. Is this correct?

  2. This is browser enforced and with HTTPS everywhere, browsers are going to start complaining when a source is insecure and SEO will likely follow suit.

    Fiddle 2 does have a proxy route so if the server is accessible to the internet (no local hosts entry) then you can use https://fiddle.sencha.com/proxy/http...urrent/version This is a simple proxy and AFAIK not a whole lot of usage but should use a nodejs proxy (so it uses the http module and sends a request to download the file). In a further iteration, nginx can use a reverse proxy to handle this outside of nodejs but needed to get something working for the time being. This proxy route is currently automatically used if you add a remote file that uses http not https.

  3. #2
    Sencha Premium User mitchellsimoens's Avatar
    Join Date
    Mar 2007
    Location
    Gainesville, FL
    Posts
    40,448
    Answers
    3997

    Default

    This is browser enforced and with HTTPS everywhere, browsers are going to start complaining when a source is insecure and SEO will likely follow suit.

    Fiddle 2 does have a proxy route so if the server is accessible to the internet (no local hosts entry) then you can use https://fiddle.sencha.com/proxy/http...urrent/version This is a simple proxy and AFAIK not a whole lot of usage but should use a nodejs proxy (so it uses the http module and sends a request to download the file). In a further iteration, nginx can use a reverse proxy to handle this outside of nodejs but needed to get something working for the time being. This proxy route is currently automatically used if you add a remote file that uses http not https.
    Mitchell Simoens @LikelyMitch

    Check out my GitHub:
    https://github.com/mitchellsimoens

    Posts are my own, not any current, past or future employer's.

  4. #3
    Sencha Premium User alexander.urban's Avatar
    Join Date
    Nov 2013
    Posts
    324
    Answers
    9

    Default

    Thank you for your insightful reply. The server is an intranet TFTP server used by appliances to download firmware updates, normally no browser access, no SEO.

    Good to know about the availability of the proxy, thank you. Should we really implement version file parsing into our dashboard UI, we will keep in mind to add a similar proxy to our environment because of HTTPS everywhere.

  5. #4
    Sencha Premium User mitchellsimoens's Avatar
    Join Date
    Mar 2007
    Location
    Gainesville, FL
    Posts
    40,448
    Answers
    3997

    Default

    Also keep in mind that services like Let's Encrypt make it extremely easy to get a SSL cert these days. They expire in 90 days but setup a simple cron job to renew and you are good (and they are ok with the cron job renew).

    It's also trivial to setup a reverse proxy locally using nginx or apache. I use apache locally as I'm on macOS and it's already there and have the SSL cert on it and my node servers are insecure for testing.
    Mitchell Simoens @LikelyMitch

    Check out my GitHub:
    https://github.com/mitchellsimoens

    Posts are my own, not any current, past or future employer's.

  6. #5
    Sencha Premium User
    Join Date
    May 2015
    Posts
    5

    Default

    A workaround if you need a fiddle to GET data from an unencrypted service: you can temporarily tell your browser to allow mixed content (encrypted and unencrypted).

    * With Firefox, click on the page's padlock icon and find the option to temporarily disable protection.
    * With Chrome, you can run the Chrome executable with the command line argument: --allow-running-insecure-content
    There have also been browser extensions for this.

    Note that all these options have changed over time, and may not be supported in future. Disabling the protection is a temporary measure suitable only for short-term developer testing. Better solutions are the ones mentioned earlier.

Similar Threads

  1. Test an application on a remote server
    By dmarcotte in forum Q&A
    Replies: 1
    Last Post: 31 Jan 2016, 1:14 PM
  2. Replies: 5
    Last Post: 7 Jul 2015, 3:03 AM
  3. Replies: 1
    Last Post: 23 Oct 2008, 8:52 AM
  4. How to unit test Ext.Ajax (no server required)
    By danh2000 in forum Community Discussion
    Replies: 0
    Last Post: 8 Nov 2007, 2:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •