Eric, I thought with http my way was clear, and I was nearly home. This https hang-up now has me poised on a knife-edge of indecision. There are strategic design decisions I don't feel qualified to make.
I'm delighted to hear the core part of https is basically all there for JHS. It's an extra degree of freedom for us, even if Apple are about to downgrade https from a requirement to a strong recommendation. But what about the self-signed certificate? I'm out of my comfort zone. > Let me know what you find and how what suggestions you have for proceeding. I'm into this because I think it's important, not just for writing Apple-looking apps for the (near-obsolescent) iMac and PowerBook, but for iPad, iPhone, iWatch, iTV, which are programmable in Xcode (on the iMac, via iOS-simulators) and use all the same languages, libraries and techniques, once you scratch the iOS-surface. In short: my ultimate goal is not to sell professional-looking J apps for OS X, but for iOS. Thereafter, an Android port would be a cinch – by someone who knows what they're doing on Android – which I don't. I'm aware of older and simpler ways of connecting a J server with an OS X app client, but have little experience with them. (Though I've played with websockets – which would certainly do the job, were it just a case of getting something working.) But since Apple have been pushing http as the way to go for inter-app communication, even for local servers, the simpler ways have not looked attractive. A bog-standard http link has advantages for the novice (J) developer – the JHS-based part of the app can be debugged standalone using any commercial browser: Safari, Firefox … in a sense the app family I'm writing are just specialised browsers to connect with JHS out-of-the-box. For an App Store-ready app, it's the "out-of-the-box" bit that's vital. Apple's got really twitchy about security recently. BUT… if Apple maintains its hard line over https, the simpler ways start to look attractive again. I've not yet moved to OS X Sierra, but I'm just about to. I see signs Apple are softening their stance, offering several ways I don't fully understand to tell ATS to tolerate a http connection provided it's "restricted enough". There's a chance we could put a lot of effort into migrating from http to https and find it wasn't necessary. I don't know yet. BUT… a big area of expansion is using an iPhone as a g.p. controller, e.g. to control the Apple Watch you're wearing. So the pretty face would be running on your watch, and JHS on the iPhone in your pocket. But that's no longer a local server (…or is it? I think "SSL" is the magic word here.) Be that as it may, I feel edgy about painting myself into a corner with a solution inherently confined to localhost. > Let's move this discussion to beta. Do you mean: confine it to the beta forum? Or to get it all out there, in usable form for the next release? For the latter, I'd be delighted. There's no cards I want to hold to my chest any more. I was on the point of zipping up one or two Xcode projects and uploading them to jwiki, with a brief writeup, plus stating my rationale and the prizes to be had. Just to play with these apps yourselves, with or without Xcode (…which is free) will save me ten thousand words of explanation. But, in the long run, I ought to upload the Xcode projects to GitHub, which gives us all a lot more elbow room. I'll do the simplest thing first, to get the ball rolling. Ian On Mon, Apr 10, 2017 at 12:19 AM, Eric Iverson <[email protected]> wrote: > Ian: > > JHS https > > It should be possible to do this and it would be desirable to have. > > I would be happy to work with you on this and can promise that the result > would become part of JHS. > > I had the core part of https working years ago as part of a project to > support websockets. The handshake is similar. It wasn't too difficult but > unfortunately the project was dropped. > > I wonder if web sockets would be a better, more interesting, and much > better performing alternative for your application. > > Let me know what you find and how what suggestions you have for proceeding. > > This comes up as particular to apple, but is in fact of interest to all. > > Let's move this discussion to beta. > > On Fri, Apr 7, 2017 at 6:15 PM, Ian Clark <[email protected]> wrote: > > > Can JHS be configured to connect via https instead of http? > > > > If the answer's "no", why do I want it? -- > > > > I'm writing Apple apps using Xcode + Swift which communicate with JHS > used > > as a local server. I have some working prototypes and I'm about to offer > > these as betas. > > > > Apple have brought in something called App Transport Security (ATS) > which, > > put simply, deliberately makes life difficult if the client insists on > > using http:// instead of https:// to connect with the server. Even over > an > > SSH "tunnel" on the same machine. > > > > ATS can be overridden (as I have been doing), but only as a temporary > > expedient (says Apple), and the resulting app will not get accepted for > > sale on App Store. > > ---------------------------------------------------------------------- > > For information about J forums see http://www.jsoftware.com/forums.htm > ---------------------------------------------------------------------- > For information about J forums see http://www.jsoftware.com/forums.htm > ---------------------------------------------------------------------- For information about J forums see http://www.jsoftware.com/forums.htm
