I described some reasons to switch to HTTPS on my website. To be completely honest though, I didn’t finally get off my ass do that for any of those good reasons. I did it because I was building a map thing which requested browser geolocation and I noticed geolocation stopped working in chrome.
I’ve seen this deprecation warning a few times:
“getCurrentPosition() and watchPosition() are deprecated on insecure origins. To use this feature, you should consider switching your application to a secure origin, such as HTTPS. See https://goo.gl/rStTGz for more details.”
But somehow didn’t take it seriously. But yes. New versions of chrome won’t do geolocation unless it’s a HTTPS site. See this for yourself with this very basic geolocation test page on w3schools (which is http). Doesn’t work in chrome.
If you use LeafletJS, there’s a
map.locate method which presumably uses the same method internally (
navigator.geolocation.getCurrentPosition), but leaflet also detects the Chrome failure and pops up a different error message…
“Geolocation error: Only secure origins are allowed (see: https://goo.gl/Y0ZkNV)..”
If you use chrome you can see this on my geolocate example (http) here:
…and *Trumpet noise* see it fixed with the newly available https URL: