info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
enable Geolocation for Version 3.5 and above
60 views
Skip to first unread message
Jannellies Ngu
Jul 23, 2018, 5:59:06 AM7/23/18
to dev-geo...@lists.mozilla.org
Hi,
May I know is there other solution to enable Geolocation for Firefox
Version 3.5 and above without purchasing SSL Certificate?
Thanks.
May I know is there other solution to enable Geolocation for Firefox
Version 3.5 and above without purchasing SSL Certificate?
Thanks.
Felix Baumann
Jul 23, 2018, 6:41:00 AM7/23/18
to Discussion about Geo location services, Jannellies Ngu
Hi Jannellies,
what are you trying to achieve?
Do you want to set up your own Geolocation server and replace "geo.wifi.uri" in the Firefox config with the url of that new server?
Are other people supposed to be able to use the same Geolocation server as well?
Or are you trying to use the HTML5 Geolocation API on your Website? In that case, yes your website is required to be encrypted (https).
The reason is simple: Browser operators want to keep Nodes between the user and the server from spying on the user's position or manipulating it. (proxies, carriers, intelligence agencies etc.)
You don't need to spend money these days to apply for a certificate though.
I can recommend certificates from the CA "Let's Encrypt".
If the website isn't visited by anyone except yourself, then you can also self-sign a certificate and trust it in your webbrowser.
Regards
Felix Baumann
>_______________________________________________
>dev-geolocation mailing list
>dev-geo...@lists.mozilla.org
>https://lists.mozilla.org/listinfo/dev-geolocation
what are you trying to achieve?
Do you want to set up your own Geolocation server and replace "geo.wifi.uri" in the Firefox config with the url of that new server?
Are other people supposed to be able to use the same Geolocation server as well?
Or are you trying to use the HTML5 Geolocation API on your Website? In that case, yes your website is required to be encrypted (https).
The reason is simple: Browser operators want to keep Nodes between the user and the server from spying on the user's position or manipulating it. (proxies, carriers, intelligence agencies etc.)
You don't need to spend money these days to apply for a certificate though.
I can recommend certificates from the CA "Let's Encrypt".
If the website isn't visited by anyone except yourself, then you can also self-sign a certificate and trust it in your webbrowser.
Regards
Felix Baumann
>dev-geolocation mailing list
>dev-geo...@lists.mozilla.org
>https://lists.mozilla.org/listinfo/dev-geolocation
Felix Baumann
Jul 24, 2018, 1:02:16 AM7/24/18
to Jannellies Ngu, Discussion about Geo location services
Hi Ngu,
you're welcome :)
let's encrypt is completely free of charge. No trials or anything like that.
https://letsencrypt.org/about/
https://en.wikipedia.org/wiki/Let%27s_Encrypt
You can even automate the certificate renewal process, so that you
don't need to update the certificate manually anymore.
Your server will do it for you then by using let's encrypt's API
https://letsencrypt.org/getting-started/
Their goal is to make encryption easy to use and thereby ubiquitous.
Encrypting web traffic is literally the default on the web now and there is
nothing wrong with that.
Encrypted websites get a better position on google and other search
engines. (SEO)
Chrome marks http (unencrypted) websites as of this month as unsafe.
(in-case you haven't noticed that, yet)
I don't know, if you know the following, yet, but your website has a
login feature
and your web traffic is unencrypted. If users access your websites from
a public,
unencrypted wifi hotspot, then other people nearby can hijack their
session and
(with a bit of luck) spy on their login credentials.
(same goes for the owner of the hotspot of course)
Proof-of-Concept addon (2010):
https://en.wikipedia.org/wiki/Firesheep
Btw.: Not only Firefox blocks the geolocation api on http:
Also Chrome (desktop and Android), Safari on iOS and Opera
https://caniuse.com/#feat=geolocation
https://developers.google.com/web/updates/2016/04/geolocation-on-secure-contexts-only
Regards
Felix Baumann
Am 24.07.2018 um 03:26 schrieb Jannellies Ngu:
> Hi Felix,
>
> Thank you for replying me and i really appreciate that.
> May I know is there any time limit to use the free certificate from
> the CA "Let's Encrypt" ? For example, the certificate only can be use
> for free in first 3 months and payment is required after the free trial.
>
> FYI,
> My department developed a website which having multiple internal users
> to login and also can locate the driver's location.
> But the website is not secure that caused the Geolocation Function
> unable to work on Firefox version 3.5 and above.
>
> Thanks.
>
> Best Regards,
> Ngu Qiao Wei.
> dev-geolocation mailing list
> dev-geo...@lists.mozilla.org
> <mailto:dev-geo...@lists.mozilla.org>
> https://lists.mozilla.org/listinfo/dev-geolocation
> <https://lists.mozilla.org/listinfo/dev-geolocation>
>
>
you're welcome :)
let's encrypt is completely free of charge. No trials or anything like that.
https://letsencrypt.org/about/
https://en.wikipedia.org/wiki/Let%27s_Encrypt
You can even automate the certificate renewal process, so that you
don't need to update the certificate manually anymore.
Your server will do it for you then by using let's encrypt's API
https://letsencrypt.org/getting-started/
Their goal is to make encryption easy to use and thereby ubiquitous.
Encrypting web traffic is literally the default on the web now and there is
nothing wrong with that.
Encrypted websites get a better position on google and other search
engines. (SEO)
Chrome marks http (unencrypted) websites as of this month as unsafe.
(in-case you haven't noticed that, yet)
I don't know, if you know the following, yet, but your website has a
login feature
and your web traffic is unencrypted. If users access your websites from
a public,
unencrypted wifi hotspot, then other people nearby can hijack their
session and
(with a bit of luck) spy on their login credentials.
(same goes for the owner of the hotspot of course)
Proof-of-Concept addon (2010):
https://en.wikipedia.org/wiki/Firesheep
Btw.: Not only Firefox blocks the geolocation api on http:
Also Chrome (desktop and Android), Safari on iOS and Opera
https://caniuse.com/#feat=geolocation
https://developers.google.com/web/updates/2016/04/geolocation-on-secure-contexts-only
Regards
Felix Baumann
Am 24.07.2018 um 03:26 schrieb Jannellies Ngu:
> Hi Felix,
>
> Thank you for replying me and i really appreciate that.
> May I know is there any time limit to use the free certificate from
> the CA "Let's Encrypt" ? For example, the certificate only can be use
> for free in first 3 months and payment is required after the free trial.
>
> FYI,
> My department developed a website which having multiple internal users
> to login and also can locate the driver's location.
> But the website is not secure that caused the Geolocation Function
> unable to work on Firefox version 3.5 and above.
>
> Thanks.
>
> Best Regards,
> Ngu Qiao Wei.
>
> On Mon, Jul 23, 2018 at 6:40 PM, Felix Baumann <feli...@gmx.de
> <mailto:feli...@gmx.de>> wrote:
>
> Hi Jannellies,
>
> what are you trying to achieve?
> Do you want to set up your own Geolocation server and replace
> "geo.wifi.uri" in the Firefox config with the url of that new server?
> Are other people supposed to be able to use the same Geolocation
> server as well?
>
> Or are you trying to use the HTML5 Geolocation API on your
> Website? In that case, yes your website is required to be
> encrypted (https).
> The reason is simple: Browser operators want to keep Nodes between
> the user and the server from spying on the user's position or
> manipulating it. (proxies, carriers, intelligence agencies etc.)
>
> You don't need to spend money these days to apply for a
> certificate though.
> I can recommend certificates from the CA "Let's Encrypt".
>
> If the website isn't visited by anyone except yourself, then you
> can also self-sign a certificate and trust it in your webbrowser.
>
> Regards
> Felix Baumann
>
> Am 23. Juli 2018 11:58:57 MESZ schrieb Jannellies Ngu
> <jannel...@gmail.com <mailto:jannel...@gmail.com>>:
> On Mon, Jul 23, 2018 at 6:40 PM, Felix Baumann <feli...@gmx.de
> <mailto:feli...@gmx.de>> wrote:
>
> Hi Jannellies,
>
> what are you trying to achieve?
> Do you want to set up your own Geolocation server and replace
> "geo.wifi.uri" in the Firefox config with the url of that new server?
> Are other people supposed to be able to use the same Geolocation
> server as well?
>
> Or are you trying to use the HTML5 Geolocation API on your
> Website? In that case, yes your website is required to be
> encrypted (https).
> The reason is simple: Browser operators want to keep Nodes between
> the user and the server from spying on the user's position or
> manipulating it. (proxies, carriers, intelligence agencies etc.)
>
> You don't need to spend money these days to apply for a
> certificate though.
> I can recommend certificates from the CA "Let's Encrypt".
>
> If the website isn't visited by anyone except yourself, then you
> can also self-sign a certificate and trust it in your webbrowser.
>
> Regards
> Felix Baumann
>
> Am 23. Juli 2018 11:58:57 MESZ schrieb Jannellies Ngu
>
> Hi, May I know is there other solution to enable Geolocation
> for Firefox Version 3.5 and above without purchasing SSL
> Certificate? Thanks.
> ------------------------------------------------------------------------
> Hi, May I know is there other solution to enable Geolocation
> for Firefox Version 3.5 and above without purchasing SSL
> Certificate? Thanks.
> dev-geolocation mailing list
> dev-geo...@lists.mozilla.org
> <mailto:dev-geo...@lists.mozilla.org>
> https://lists.mozilla.org/listinfo/dev-geolocation
> <https://lists.mozilla.org/listinfo/dev-geolocation>
>
>
0 new messages