Github pages and custom domain from 123Reg - github

I've got a custom domain from 123Reg - www.mydomainname.co.uk - which I want to use for my github page - mygithub.github.io
I've managed to set it up so that www.mydomainname.co.uk works, but it isn't using https and therefore shows as unsecure, how can I make it use https?
Also, is there a way of allowing mydomainname.co.uk to work as well?

First you should make sure HTTPS is working on https://www.mydomainname.co.uk (by default it should). You can Enforce HTTPS under your repository settings, so it would do the redirection from http to https.
To get your apex domain mydomainname.co.uk working, it's best if you do a redirection to www.mydomainname.co.uk from where you manage your DNS (some don't have the feature).

Related

Override single API endpoint locally

Is it possible to override a single API end-point locally?
i.e:
https://jsonplaceholder.typicode.com/todos/1
To this one:
http://localhost:3000/todos/1
But without touching others end-point like:
https://jsonplaceholder.typicode.com/movie/1
I'm trying to find a tool to do this, I also tried to use the hosts file but it work only domain by domain, not for a single API endpoint.
You can use the Map Remote function in Charles. I believe similar feature exists in other HTTP proxy tool such as Fiddler too.
First, configure Map Remote and mapping https://jsonplaceholder.typicode.com to http://localhost:3000, limit the path to /todos/*, so that it won't impact /movie/1:
Then, as Charles is trying to intercept HTTPS site, you need to enable "SSL Proxying" and add jsonplaceholder.typicode.com (Otherwise, browser will ignore the interceptor or just throw a certificate warning):
It's done. In browser, access to https://jsonplaceholder.typicode.com/todos/1 or https://jsonplaceholder.typicode.com/todos/2 will be redirected to http://localhost:/todos/1 or http://localhost:3000/todos/2 internally, while access to https://jsonplaceholder.typicode.com/movie/1 is not touched.

How to fix "load unsafe scripts"?

so I'll start from the very beginning.
Basicly I purchased a template off themeforest and I manually edited the code in a markup editor to match my preferences.
As I was finished, I decided to host my website on github pages - I uploaded my code directory to a repository as you do.
Here's a link to my repository:
https://github.com/KristofferHari/kristofferhari.github.io
Here's a link to my current website URL:
https://kristofferhari.github.io/ (As you can see, everything's kinda buggy)
So I managed to contact the seller and this is what I was provided with:
The reason for that is because the resources are using a http connection and they can’t be loaded on https connection website. So
you have to upload all the resources (scripts/stylesheets) to github
in order to use them on github.
So I suppose that through my browser, I am trying to connect to my website through a https connection rather than an http. (Is this what is actually causing the problem, and what's the difference between a http connection and a https?)
Secondly, how would I upload all my resources (scripts/stylesheets) to github?
Thanks in advance!
There is a relatively simple solution: to use a protocol-relative URL format.
e.g. your error
Mixed Content: The page at 'https://kristofferhari.github.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400,700,300,900'. This request has been blocked; the content must be served over HTTPS.
The problem is you are loading
http://fonts.googleapis.com/css?family=Open+Sans:400,700,300,900'
from
https://kristofferhari.github.io/
The page is secure (HTTPS), but it's loading insecure content (HTTP).
To fix it, you basically need to change the stylesheet to:
https://fonts.googleapis.com/css?family=Open+Sans:400,700,300,900'
But a more flexible solution is to use a protocol relative format:
//fonts.googleapis.com/css?family=Open+Sans:400,700,300,900'
which will then work on either http or https.
Apply this change to all included resources.

exposing a sparql endPoint publicly?

I have a website power by a tomcat server. My application tap on a tripleStore that i would like to make public trough a sparql endpoint at www.mywebsiteaddress/sparql.
What configuration do i need on my webserver to do that ?
I use Jena Fuseki on the background which is running on the Port 3030 and my webserver is on the port 80.
My idea is that, when the webserver get a request on the port 80 about ..../sparql it redirect to fuseki sprql endPoint
This is more of a webservice / access control problem than anything SPARQL related. However, since SPARQL endpoints are supposed to be created as per the SPARQL spec, i think this a valid question, as I'm sure people will encounter it again in the future.
So, to answer your question, "public" usually means that certain headers are set in order to allow a request to hit the endpoint when it is not coming from the same domain. From there, you can specifically allow certain types of interactions with the endpoint. If you wanted to kinda just allow everything, you could set the following headers:
'Access-Control-Allow-Origin: *'
"Access-Control-Allow-Credentials: true"
'Access-Control-Allow-Headers: X-Requested-With'
'Access-Control-Allow-Headers: Content-Type'
'Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE //http://stackoverflow.com/a/7605119/578667
'Access-Control-Max-Age: 86400'
Depending on how you built the endpoint, it'll either have some settings somewhere where you can adjust the headers, or, you'll have find the headers settings for the application framework itself if you're using one. But, in general, the above headers would make it "public"

Getting around GWT Same Origin Policy

I am trying to implement the work around suggested on this link
http://raibledesigns.com/rd/entry/how_to_do_cross_domain
My existing Servlet on my server looks like
#SuppressWarnings("serial")
public class ContactsServiceImpl extends RemoteServiceServlet implements ContactsService
{
...
How do I modify this to get the cross domain to work. Do I need to make any changes on the client side?
It isn't the GWT Same Origin Policy - it is the browser itself! The browser won't normally allow any XHR call to go out to a server that isn't the same server the page was loaded from.
The link you mentioned lets your server act as a proxy - thats one way to let the client talk to another server. The steps they take (create a servlet that forwards requests, configure it to point at the other server you want to use) do not require changes to the client.
Another option is to use the Cross Origin Resource Sharing - a way for the server to specify that the browser is allowed to contact it, even across domains. The catch: not all browsers support it.

Is there an option in Play Framework (1.2.4) to always do redirects as HTTPS?

I have not been able to find a way to do this. We need to do a 302 redirect from http://www.doortodoororganics.com to https://www.doortodoororganics.com/landing. The way we are doing it now redirects to http://www.doortodoororganics.com/landing, and then Apache does the redirect to https. I realize I could change it in the Controller, but we have several places in the code where we do redirects, and I would much rather set it once so that all redirects go to HTTPS.
Any suggestions?
Write a Base Controller and have a Before Interceptor which can set the
play.mvc.Http.Request.secure
property to true always.
The Play framework checks this property before redirecting. If true it does a https redirection.
Use a front http server that acts as a proxy in front of your play application. This is trivially done using apache httpd : http://www.cyberciti.biz/tips/howto-apache-force-https-secure-connections.html It could also be done in any other http server such as nginx...