Javascript Working in hosted webserver fails in Thimble, no error

RESOLVED WORKSFORME

Status

RESOLVED WORKSFORME
5 years ago
5 years ago

People

(Reporter: cogdogblog, Unassigned)

Tracking

Details

(Reporter)

Description

5 years ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36

Steps to reproduce:

In testing the new feature of using JS in Thimble created two different single HTML web pages with javascript that work fine on my ow web server.

(1) Json call to flickr for random images
http://lab.cogdogblog.com/moz/fjson.html

(2) Using a Photoshoot demo to create thumbnails form within an image
http://lab.cogdogblog.com/moz/photoshoot/

I use the same exact code in Thimble




Actual results:

The same code in Thimble

(1) Json call to flickr for random images
https://cogdog.makes.org/thimble/flick-some-json

(2) Using a Photoshoot demo to create thumbnails form within an image
https://cogdog.makes.org/thimble/photos-within-photo-stories


Expected results:

Neither of the Thimble pages produce the same result, nor is there an error generated, or any way I can see to debug. It is not clear if some Javascript constructs are being prevented (cross domain issues??)
Ah yes.  This is an http vs https thing.  Thimble won't accept external scripts that are from http because of mixed content blocking in modern browsers.

Luckily, flickr does host that in https. I remixed yours with an s and it works!

https://brett.makes.org/thimble/flick-some-json

We do need to display a warning here, though, and we have a bug on that...

Thanks for filing, CogDog!  Keep it up!
Status: UNCONFIRMED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → WORKSFORME
(Reporter)

Comment 2

5 years ago
Thanks Brett, pretty critical to let people know. I modified my call to jquery to use https and now the Photoshoot one works

https://cogdog.makes.org/thimble/photos-within-photo-stories
We have another bug to add warnings when users insert http vs. https resources.  Sorry you got burned by this in the mean time.
You need to log in before you can comment on or make changes to this bug.