Re: Broken widgets work fine on chumby.com

You can't really strip the https from the URL and expect it to work - you need something to fetch the resource using https using the appropriate protocols and certificates, then provide the data in a form that the chumby can accept - this is what chumby's proxy server does, although it also provides a certain amount of caching. 

The chumby itself has a small server, and I've seen some folks hack that to do something on behalf of widgets that aren't capable of doing whatever it is on their own - however, anything trying to do SSL from there would have the same problem as the rest of the chumby since it would be using the same protocols and certs that the Flash Player is using, since that's what's on the device.

It would be possible to set up another server that does stuff similar to what the chumby system does for use by third parties - however it would have to be crafted carefully in order to better handle busted or slow servers than the chumby proxy currently does.  The chumby system was designed specifically and exclusively for use by chumby's internal developers who would understand and work within the rules imposed by that service.

As to whether I could do this under chumby's umbrella is really a cost question - I don't think, even with the subscription income, that I could cover the costs of proxying all of the data traffic to all of the widgets using https on all of the chumbys.

Re: Broken widgets work fine on chumby.com

Here's a silly joke version...

Imagine the following scenario:

In the old days MACHINES WOULD TALK TO EACH OTHER ONLY IN CAPITAL LETTERS.  THIS WAS OK BECAUSE EVERYONE DID IT.  EVEN IF IT WAS SHOUTING.

BUT THINGS GOT BETTER and we learned how to use Capital and lower case letters.  We COULD TALK both ways.

But then someone realised THAT SHOUTING ALL THE TIME caused headaches and ear problems.  So modern servers refuse to talk to people who only shout.

Now the Chumby is getting old.  IT ONLY KNOWS HOW TO SHOUT.  So Chumby talks to a server and the server says "go away, I won't talk to you, you noisy shouty person".  And the Chumby is sad.

Teaching the Chumby how to use mixed case is a lot of work; it has to catch up on many many years of school work.

Re: Broken widgets work fine on chumby.com

Well, it's more like -

In the old days computers just talked - the Chumby said, "Hello, what have you got for me?"  "Oh, hi Chumby, here's some kitten photos - enjoy!"

Sometimes, the Chumby wanted to hear about some secrets, so it used a special code to get that information "Hi, what have you got for me? The sparrow flies at midnight!".  "Oh hi Chumby, that code phrase checks out, here's the secret info".

Now it's like "Hi what have you got for me?  How about some kitten photos?"  "Sorry kitten photos are secrets now".  "WTF? Oh, ok then, the sparrow flies at midnight".  "Sorry that's an old code, and it's in English anyway, can't give you the secret kitten photos - in fact I can't give you anything anymore.  Everything's secret now."

There are actually a lot of embedded devices that have the same issue as the chumby - not many, however, are required to try to talk to as many varied and random sites.

We have been experimenting with replacing the certs with the latest ones (it's easy to do that on C1, C8, I3 and I8), but so far that doesn't seem to be enough.  It does appear that a full replacement of the SSL libraries is going to be required.

Re: Broken widgets work fine on chumby.com

So, here's some good news.

It looks like we have a workable plan to be able to update the chumby and Insignia devices to support modern SSL, and thus compatibility with the various HTTPS-based sites.

The solution for the chumby Classic is easy - just do a USB firmware update to 1.7.3.

For the rest, we're putting together a USB dongle image that will attempt to patch the existing firmware.

I will create a new thread when this is ready.

Re: Broken widgets work fine on chumby.com

Great News!

Tar, feathers, congress. Some assembly required.

81 (edited by Plank 2017-03-24 08:36:13)

Re: Broken widgets work fine on chumby.com

Wonderful!  Does that mean that many of the orphan or broken widgets will come back to life or will they have to be modified?

Re: Broken widgets work fine on chumby.com

Plank wrote:

Wonderful!  Does that mean that many of the orphan or broken widgets will come back to life or will they have to be modified?

In the general case, they should not need to be modified.  There may be feeds that have not made redirects or otherwise changed the URL when they switched to HTTPS that would still need to be modified, but I suspect that would be rare.

If the widget still works in the browser, it should work on the patched chumby.

Re: Broken widgets work fine on chumby.com

How long are NOAA radar images cached?

Yesterday a pretty severe storm plowed through Dallas-Fort Worth, and the NOAA weather radar didn't show anything until an hour after it had passed.

It is 2:01pm central and the latest radar image has a timestamp of 12:08 PM CDT.

Perhaps the NOAA radar images should be marked stale after 10 minutes?

tyvm

Re: Broken widgets work fine on chumby.com

Normally the proxy server caches for an hour, however, the author put in a cache buster that should generate a new URL every ten minutes or so, which should cause a new image to be loaded.

Re: Broken widgets work fine on chumby.com

"http://www.chumby.com/guide/FA331AF0-AB … 20C/widget

just updated by the author."

At least one of my local radars is "late", i.e., shows rain, etc. after it has passed.
Should we just wait for the "https" update, or do you need specifics?

Re: Broken widgets work fine on chumby.com

I'll take a look to see if there's anything obviously going on in the cache system, otherwise, we should wait until the updates.