Re: Super Dev Mode over HTTPS, workarounds?
Setting up yet another web server sounds quite a bit sub-ideal to me... Thanks for the info though. Sounds like: 1) Open an HTTP port or 2) Force Chrome to accept insecure content Seem to be to most viable solutions at present... here's hoping we get a better solution thru SDM proper in the near future. -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
> I'm not sure what difference that might make, could you elaborate? I > already have one web server talking https to the browser and the SDM script > tries to invoke an http connection to the code server. How does adding > another server talking HTTPS help the situation? > > Sorry if I'm not understanding something, I'm just confused how this would > make any difference. > Didn't read that you already have a web server that talks HTTPS. If you want to use the "recompile on reload" feature of GWT 2.7+ then a special *.nocache.js file will be generated that has a hardcoded HTTP url that you can not change and thus you have to live with the mixed content warning of browsers. In Chrome you need to use google-chrome --allow-running-insecure-content to allow mixed content again. If you are fine with using the legacy bookmarklets of SuperDevMode you can make your setup work with SSL, although it is a bit of work: 1.) create a custom linker outside of your client/shared/server package that allows SSL public class SslCrossSiteIframeLinker extends CrossSiteIframeLinker { @Override protected String getJsDevModeRedirectHookPermitted(LinkerContext context) { return "$wnd.location.protocol == \"https:\" || $wnd.location.protocol == \"http:\" || $wnd.location.protocol == \"file:\""; } } 2.) create a new sslapp-DEV.gwt.xml file for your app that you use during development and allows HTTP, HTTPS and any host name / IP. Do NOT use that module descriptor for a real production compile! 3.) Compile that dev module using the GWT compiler and store the output in a dedicated folder. I'll reference this folder using DEV_APP_FOLDER. 4.) Let your local web server listen on 127.0.0.1:443 and 127.0.0.1:9876 and create a SSL enabled vhost for each. The vhost of 127.0.0.1:443 should point to DEV_APP_FOLDER so you can launch your compiled app through SSL and the vhost 127.0.0.1:9876 should redirect everything to your GWT CodeServer that should run on a different, local IP (e.g. http://192.168.1.100:9876). Using Apache this could look similar to: Listen 127.0.0.1:443 Listen 127.0.0.1:9876 ServerAdmin webmaster@localhost # your compiled app DocumentRoot "DEV_APP_FOLDER" ServerName localhost ErrorLog "/var/log/apache2/localhost-error_log" CustomLog "/var/log/apache2/localhost-access_log" common SSLEngine on SSLCertificateFile /etc/ssl/certs/apache.crt SSLCertificateKeyFile /etc/ssl/private/apache.key Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all ServerAdmin webmaster@localhost DocumentRoot "/some/tmp/folder" ServerName localhost ErrorLog "/var/log/apache2/localhost-codeserver-error_log" CustomLog "/var/log/apache2/localhost-codeserver-access_log" common SSLEngine on SSLCertificateFile /etc/ssl/certs/apache.crt SSLCertificateKeyFile /etc/ssl/private/apache.key # proxy everything from https://127.0.0.1:9876 to CodeServer running on http://192.168.1.100:9876 ProxyPass / http://192.168.1.100:9876/ 5.) Start DevMode / CodeServer using -bindAddress 192.168.1.100 (your host's ip address) 6.) Visit https://127.0.0.1:9876 and you should see the CodeServer as the SSL connection is proxied to the non-SSL CodeServer. Put the bookmarklets in your browser bar. 7.) Visit https://127.0.0.1/sslapp/index.html (or similar) to launch your compiled app of step 3.) 8.) Hit the DevMode On bookmarklet, copy the Compile bookmarklet to your browser bar as well and then hit compile. Your app should compile, reload and fetch your JS from the CodeServer now, through SSL. The above might contain minor issues, but I guess you get the idea and it should generally work. -- J. -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
I'm not sure what difference that might make, could you elaborate? I already have one web server talking https to the browser and the SDM script tries to invoke an http connection to the code server. How does adding another server talking HTTPS help the situation? Sorry if I'm not understanding something, I'm just confused how this would make any difference. On Wednesday, May 4, 2016 at 4:28:15 PM UTC-7, Jens wrote: > > I would probably install a local http webserver/proxy (apache, nginx, etc) > that talks https to the browser and forwards requests as desired to SDM / > your servlet container / whatever. > > -- J. > -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
I asked a few questions in the issue in GitHub, please go answer them so we can advance the matter. It's not that hard to do TLS, the devil is in the details: how you trigger it, whether and how you configure it, etc. -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
what is the reason for not wanting to support ssl ? Its not that hard to open an ssl socket is it ? Am I missing something? On Thu, 5 May 2016 at 01:28, Jens wrote: > I would probably install a local http webserver/proxy (apache, nginx, etc) > that talks https to the browser and forwards requests as desired to SDM / > your servlet container / whatever. > > -- J. > > -- > You received this message because you are subscribed to the Google Groups > "GWT Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to google-web-toolkit+unsubscr...@googlegroups.com. > To post to this group, send email to google-web-toolkit@googlegroups.com. > Visit this group at https://groups.google.com/group/google-web-toolkit. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
I would probably install a local http webserver/proxy (apache, nginx, etc) that talks https to the browser and forwards requests as desired to SDM / your servlet container / whatever. -- J. -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
Unfortunately, as far as I know, GWT developer have no plan to support https for super dev mode. At the moment I start chrome in insecure mode: In Ubuntu: $ google-chrome --allow-running-insecure-content -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
Re: Super Dev Mode over HTTPS, workarounds?
Unfortunately, as far as I know, GWT developer have no plan to support https for super dev mode. At the moment I start chrome in insecure mode: In Ubuntu: $ google-chrome --allow-running-insecure-content Am Dienstag, 3. Mai 2016 23:50:40 UTC+2 schrieb clou...@gmail.com: > > Greetings! > > I've been working on migrating our application over to GWT-2.8b1 (from GWT > 2.5) and moving from the classic Dev Mode to Super Dev Mode. Migrating a > simple sandbox environment went fairly smoothly, and SDM worked just fine > for that example, however I have run into problems with using SDM over > HTTPS with an external server. > > My searches haven't yielded a decent answer to this issue, though I'm > aware that this is already an open bug for GWT. > https://github.com/gwtproject/gwt/issues/7535 > > The one possible solution I came across no longer seems to work in Chrome > (mixed HTTPS-HTTP seems completely blocked), basically over-riding > CrossSiteIframeLinker. From what I've read this no longer works for Chrome > 46+: > http://spreadgwt.blogspot.com/2015/11/gwt-superdev-on-https-pages.html > > The most common response I've seen is to develop in HTTP and deploy over > HTTPS, however developing in HTTP vs HTTPS for the product requires a code > change which works for getting SDM to work, but breaks other product > functionality that is assuming HTTPS. This puts our development in a > rather painful position. > > Are there any other solutions folks have developed for this issue? It's a > pretty hefty pain point for the upgrade and I'd be a little surprised if > others haven't already figured out a workaround for the issue. Thanks for > any suggestions or tips. > -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.