Embedded preview forces HTTPS

preview

#1

So i set up SSH workspace using a domain name as the address. I can’t seem to get the “Preview Running Application” to load up the site - but if I open another browser tab, it loads up just fine. I think the C9 GUI is trying to go to the HTTPS domain name, and when I change it to HTTP, it fails to connect.

Is the preview feature limited to HTTPS only? Even for SSH workspaces?
If so, I presumed (I guess mistakenly) that SSH workspaces mirrored the capabilities of C9 workspaces, in that an app running over port 8080 would be forwarded through to whatever makes the preview necessary. Apparently not the case.

I think this needs to be indicated with SSH workspaces documentation because it’s not the behavior expected.

UPDATE:
So, figured it out. My hunch was correct. The C9 GUI requires HTTPS for previewing.
It requires your SSH box serve up apps with SSL enabled. simple as that. Now, the C9 cloud workspaces, handle this transparently, but not on SSH workspaces… apparently.

You have to manually stand up something like NGINX, install a self-signed cert (or purchase one if you’re so daring), and hook everything up to forward your ports to HTTPS.

Cloud9, I love you, but if your product not going to work as expected, you should provide the documentation that gets you to where it will work as expected.

This is not documented anywhere.
Essentially, the feature is broken out-of-box, so I’m changing this to a bug - which, I imagine could be considered resolved if C9 updates the documentation regarding the requirement to set up SSL+HTTPS for the Preview function to work.


TL;DR; The “Preview Running Application” feature doesn’t work on SSH workspaces out of the box. This is not documented anywhere.


#2

you could just load the page up with http in the preview pane. it just defaults to https.


#3

http is blocked by the c9 iframe, hence the whole issue.


#4

Indeed it is but it will work outside of the workspace area in another browser tab.


#5

Yes, but my bug isn’t for the web browser, it’s for Cloud9 IDE, which has 0 documentation as to the fact that HTTPS is a requirement for the preview (see my original post).


#6

That’s a good point. I’ve added it to our internal bug tracker. Thanks!

You’re right about the hosted workspaces handling that, it goes via our proxies that have wildcard certs for our c9users.io domain to handle this and make sure everything users do is secure.

We can’t open HTTP in the local window however, most browsers block mixed mode content like that for security reasons (e.g. has the grene lock icon, but then some parts of the page are unencrypted would catch out most non-techy people). We could possibly have a button and only support it when popped out. But I’ve logged the bug for now.


#7

Thanks,
I like the idea of having like a setting or something that indicates whether it should pop-out to a browser tab. It would help too if a note about it was added to the SSH workspace documentation, something along the lines of “Running application previews within cloud 9 require an HTTPS connection. Running your app over HTTP or another transport will only be previewable outside of the IDE.”