From a17e7253398100f250c2242fb922b68833636701 Mon Sep 17 00:00:00 2001 From: Timothy Farrell Date: Thu, 18 Jan 2018 14:22:34 -0600 Subject: [PATCH] Try to be less dumb about insecure hosting --- packages/gallery/src/app.js | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/gallery/src/app.js b/packages/gallery/src/app.js index bd6dd20..70f68d8 100644 --- a/packages/gallery/src/app.js +++ b/packages/gallery/src/app.js @@ -16,7 +16,13 @@ function go() { router.start('home'); } -if ('serviceWorker' in navigator && window.top === window) { +const url = `https://${location.host}${location.pathname}${location.hash}`; +const msg = `This photo gallery will not work properly unless accessed securely. Connect to ${url} instead?`; + +// We use subtleCrypto which is only available from secure domains and localhost. +if (location.protocol !== 'https:' && (!crypto.subtle || !crypto.subtle.digest) && confirm(msg)) { + location.assign(url); +} else if ('serviceWorker' in navigator && window.top === window) { navigator.serviceWorker .register('/assets/sw.bundle.js', { scope: '/' }) .then(go)