The SAMP Web Profile allows web applications to talk to other SAMP clients, communicating with the Hub using an XMLHttpRequest to a well-known port (21012) on the local host. There are problems with doing this if the web page hosting the web application is served from HTTPS rather than HTTP, since access to the hub URL http://localhost:21012/
counts (at least in some interpretations) as mixed active content, which is generally blocked by browsers. This issue has been known since 2014, but is becoming more pressing as more data providers use HTTPS for service delivery. See Presentation at Sydney Interop (2015) for more details.
A possible solution was proposed that defines a new Profile involving use of an external Relay service and abuse of mixed passive content to bootstrap communications, as described in Taylor presentation at Cape Town Interop (2016). This has been shown to work, e.g. it is currently deployed at ASI-SSDC based on a custom/prototype JSAMP hub, see Verrecchia presentation at Paris Interop (2019). This solution however is not elegant, efficient, robust or nice. There is some more discussion of this as well as alternative bad solutions in https://arxiv.org/abs/1912.00917 (presented by Taylor at ADASS 2019; this paper is now mostly obsolete).
Following discussion at Groningen Interop (2019), some more progress was made that could get HTTPS-based web applications to use the Web Profile as it stands:
We are assessing which browsers now support Web SAMP over HTTPS without making any special arrangements. I believe those that do, do so because of browser implementation of the W3C Secure Contexts document. Thanks to those who have tried out browser/OS combinations following the instructions below. The headline results seem to be:
This looks quite positive; services may decide on that basis that it's worth providing Web SAMP in HTTPS-based services on the basis that they will work for many/most users. Optionally, they could provide the browser extensions for others.
To work out the status of HTTPS+SAMP on your browser/OS, follow these easy instructions:
http://...
Origin). Accept, and a table should be loaded in TOPCAT. (If this doesn't happen, your problems are not related to HTTPS)
https://...
Origin) and a table is loaded in TOPCAT as before - this means SAMP+HTTPS does work on your browser
(If you want to try some more interesting examples, including 2-way communications, others are available: HTTP / HTTPS. I'm expecting that if HTTPS works/fails for one SAMP example it will be the same for all, but if you find different, please report it).
Results: some anomalous outcomes are highlighted
HTTPS + SAMP Survey | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Browser | Version | OS | Works out of the box? | Reporter | ||||||||
Chrome | 77 | Ubuntu | yes | Felix Stoehr | ||||||||
Chromium | 78.0 | Ubuntu | yes | Mark Taylor | ||||||||
Chromium | 85.0 | Ubuntu | yes | Mark Taylor | ||||||||
Firefox | 70.0.1 | OSX Mojave | yes | Felix Stoehr | ||||||||
Firefox | 70.0 | Ubuntu | no | Felix Stoehr | ||||||||
Firefox | 59 | RHEL6 | no | Mark Taylor | ||||||||
Firefox | 70.0.1 | Ubuntu | no | Mark Taylor | ||||||||
Firefox | 81.0 | Ubuntu | yes | Mark Taylor | ||||||||
Firefox Nightly | 75.0 (64-bit) | GUIX | yes | Hugo Buddelmeijer | ||||||||
Chrome | 85.0 | |
yes | Thomas Boch | ||||||||
Firefox | 81.0 | |
yes | Thomas Boch | ||||||||
Safari | 13.1.2 | |
no | Thomas Boch | ||||||||
Chrome | 85.0 | Fedora 31 | yes | Marco Molinaro | ||||||||
Firefox | 80.0 | Fedora 31 | yes | Marco Molinaro | ||||||||
Chrome | 85.0. | MacOS 10.11.3 | yes | Susana Sánchez Expósito | ||||||||
Firefox | 78.2 | MacOS 10.11.3 | yes | Susana Sánchez Expósito | ||||||||
Safari | 9.0.3 | MacOS 10.11.3 | No | Susana Sánchez Expósito | ||||||||
Firefox | 81.0 | MacOS 10.14.6 | Yes | Susana Sánchez Expósito | ||||||||
Chrome | 85.0 | MacOS 10.14.6 | Yes | Susana Sánchez Expósito | ||||||||
Safari | 13.1 | MacOS 10.14.6 | No | Susana Sánchez Expósito | ||||||||
Firefox | 86.0.1 | MacOS 10.14.6 | Yes | Stéphane Erard | ||||||||
Safari | 13.1.2 | MacOS 10.14.6 | No | Stéphane Erard | ||||||||
Chrome | 89.0.4389.90 | MacOS 10.14.6 | Yes | Stéphane Erard | ||||||||
Firefox | 115.11.0esr (64 bits) | MacOS 14.4.1 | Yes | Stéphane Erard | ||||||||
Firefox | 81.0(64 bits) | Ubuntu 20.04.1 LTS | yes | Regis Haigron | ||||||||
Firefox | 80 | Windows 10 | yes | Regis Haigron | ||||||||
Firefox | 81.0(64 bits) | Ubuntu 18.04.1 LTS | yes | Pierre Le Sidaner | ||||||||
Chrome | 86.0.4240.75 | Ubuntu 18.04.1 LTS | Yes | Pierre Le Sidaner | ||||||||
Vivaldi | 3.3.2022.47 | Ubuntu 18.04.1 LTS | Yes | Pierre Le Sidaner | ||||||||
Chrome | 84.0.4147.125 | MacOS 10.12.5 | Yes | Juan Carlos Segovia | ||||||||
Safari | 10.1.1 | MacOS 10.12.5 | No | Juan Carlos Segovia | ||||||||
Firefox | 75.0 | MacOS 10.12.5 | Yes | Juan Carlos Segovia | ||||||||
Chrome | 57.0 | MacOS 10.12.6 | Yes | Alcione Mora | ||||||||
Safari | 11.0.2 | MacOS 10.12.6 | Yes | Alcione Mora | ||||||||
Firefox | 69.0 | MacOS 10.12.6 | Yes | Alcione Mora | ||||||||
Chrome | 86.0 | MacOS 10.14.6 | Yes | Hector Canovas | ||||||||
Safari | 12.1.2 | MacOS 10.14.6 | No | Hector Canovas | ||||||||
Firefox | 81.0.1 | MacOS 10.14.6 | No | Hector Canovas | ||||||||
Edge | 86.0 | Windows 10.0 | Yes | Mark Taylor | ||||||||
Chrome | 86.0.4240.80 | MacOS 10.13.6 | Yes | Tom Donaldson | ||||||||
Firefox | 81.0.2 | MacOS 10.13.6 | Yes | Tom Donaldson | ||||||||
Safari | 13.1.2 | MacOS 10.13.6 | No | Tom Donaldson | ||||||||
Luakit | 2.0.0 | Debian buster | Yes | Markus | ||||||||
Internet Explorer | 11.0.9600.19867 | Windows Server 2012 R2 Standard | No | Yan Grange | ||||||||
Internet Explorer | 11.1198.18362.0 | Windows 10 1909 | Yes | Yan Grange | ||||||||
Edge | 87.0.664.47 | Windows 10 1909 | Yes | Yan Grange | ||||||||
Internet Explorer | 11.630.19041.0 | Windows 10 19041 | No? | Mark Taylor | ||||||||
Safari | 13.1.2 | MacOS 10.13.6 | No | Baptiste Cecconi | ||||||||
Firefox | 89.0.1 | MacOS 10.13.6 | Yes | Baptiste Cecconi | ||||||||
Chrome | 91.0.4472.114 | MacOS 10.13.6 | Yes | Baptiste Cecconi | ||||||||
Safari | 14.1.2 | macOS 11.5.1 | No | John Swinbank | ||||||||
Safari Technology Preview | Release 128 (Safari 15.0) | macOS 11.5.1 | No | John Swinbank | ||||||||
Firefox | 90.0.2 (64-bit) | macOS 11.5.1 | Yes | John Swinbank | ||||||||
Safari Technology Preview | Release 132 (Safari 15.4) | macOS 11.6 | No | John Swinbank | ||||||||
Safari | 15.3 | macOS 12.2.1 | No | Hendrik Heinl | ||||||||
Arc | 1.12.1 (42373) | MacOS 13.6 | No (HTTP does not work, HTTPS does) | Yan Grange |
-- MarkTaylor - 2020-10-13
IVOA.net
Wiki Home
WebChanges
WebTopicList
WebStatistics
Twiki Meta & Help
IVOA
Know
Main
Sandbox
TWiki
Working Groups
Interest Groups
Committees