[orion-dev] [Action required] The "Get Plugins" catalog has moved to HTT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[orion-dev] [Action required] The "Get Plugins" catalog has moved to HTTPS

From: Mark Macdonald <mamacdon@xxxxxxxxx>
Date: Fri, 6 Sep 2013 18:28:23 -0400
Delivered-to: orion-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/orion-dev>
List-help: <mailto:orion-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/orion-dev>, <mailto:orion-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/orion-dev>, <mailto:orion-dev-request@eclipse.org?subject=unsubscribe>

Recently web browsers have started to block mixed content [1] . This impacts HTTPS deployments of Orion like OrionHub and orion.eclipse.org

. On OrionHub, for example, current browsers now refuse to install or activate plugins hosted on HTTP servers — such as mamacdon.github.io, our current plugin catalog. Other *.github.io domains hosting Orion plugins are similarly affected. See Bug 415279 [2] for details.

To address this, the plugin catalog has been moved to an HTTPS website. Please access it using the URL below from now on. (The "Get Plugins" link on Orion's Settings page has been updated accordingly in HEAD.)

New URL:

https://orion-plugins.googlecode.com/git/index.html

If you're a user of Orion or a plugin maintainer, more action is required (see below).

End user
s:

>From Orion's Settings page, uninstall any plugins that you got from mamacdon.github.io.
Consult the new plugin page to get the correct URL for any plugins you wish to install.
Do not use mamacdon.github.io, as it will no longer be maintained.

Plugin maintainers:

If your plugin is hosted on an HTTP site, please migrate it to HTTPS. Your plugin's source code can remain at GitHub (or anywhere), but the web content should be HTTPS.

Google Code

mirror

is one option for open source plugins, as it provides HTTPS access to your source repo.

If you choose to use Google Code, you can migrate an existing GitHub web branch ("gh-pages") by simply adding your new Google Code repo as a remote and pushing to it:

git remote add googlecode https://code.google.com/p/yourProject/
git push googlecode gh-pages

Your files can then be accessed over HTTPS

using a URL like this:

https://yourProject.googlecode.com/git-history/gh-pages/

And if you push to a branch named "master" you can use a shorter URL:

https://yourProject.googlecode.com/git/

Keep in mind that the plugin catalog has always been a temporary place to list useful plugins. Orion committer Maciej is working on a fully featured Orion Store [3], which will replace the current catalog. However HTTPS hosting of plugins will remain a best practice, and I recommend switching to HTTPS sooner rather than later.

Regards
Mark

[1]

https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/
[2]

https://bugs.eclipse.org/bugs/show_bug.cgi?id=415279
[3]

https://bugs.eclipse.org/bugs/show_bug.cgi?id=410709

Prev by Date: Re: [orion-dev] Transfer API
Next by Date: [orion-dev] Committer vote for Matthias Sohn has concluded successfully
Previous by thread: [orion-dev] Question to Transfer API
Next by thread: [orion-dev] Committer vote for Matthias Sohn has concluded successfully
Index(es):
- Date
- Thread

Breadcrumbs