1

I setup a nodejs chat program on my website.

Then when I moved the website from http to https using letsencrypt, the chat program stopped working.

Here are the server and client:
https://synodins.com/apps/chat/server.js
https://synodins.com/apps/chat/client.html
And to read the client script directly:
https://synodins.com/apps/chat/client.txt

The problem is, as you can see in the client upon inspect element, is that i get error:
ReferenceError: io is not defined

I already have searched for this error and found:
socket.io - ReferenceError: io is not defined
but I am already doing things the way he suggests in the answer.

I am not really sure what the problem is, although I suspect there is something wrong with the socket.io module loading in the client.

Interestingly, I can run the chat on my localhost without problems, but when I try to run it on the server I get this error.

Can anybody see what the problem is?

Community
  • 1
  • 1
john-jones
  • 7,490
  • 18
  • 53
  • 86
  • 1
    There should be an other warning too: "[blocked] The page at https://synodins.com/apps/chat/client.html ran insecure content from http://89.160.129.62:8002/socket.io/socket.io.js." the problem is you are loading js over http on a https site. – Roland Starke Jun 06 '16 at 12:32
  • Yeah. But when I do http://89.160.129.62:8002/ the server connects, but when i do https://89.160.129.62:8002/ i get 'secure connections failed'. isn't that the problem? How would I fix that? – john-jones Jun 06 '16 at 12:54
  • I dont think I can allow https calls via direct ip address in letsencrypt. – john-jones Jun 06 '16 at 12:55
  • As I can see right now, your `socket.io/socket.io.js` is not being loaded even, reason being incorrect address. There is no such file there. http://89.160.129.62:8002/socket.io/socket.io.js Are you sure that port 8002 is open on your server? – Vikram Tiwari Jun 10 '16 at 01:12
  • sorry, i opened it now. – john-jones Jun 10 '16 at 05:24

2 Answers2

2

So I looked at the page and I found 2 issues:

There is a problem with mixed content. You cannot use 'http' to load in a file when the page has been loaded using 'https'. It's a security issue.

Secondly, I noticed the link to the JS file is http://127.0.0.1/..., That's currently pointing to your local host.

Looking above at the comments, it looks like you once had it pointing somewhere else, but what I suggest is changing the tag to point to the same source file, but with https://... at the start of the src.

Here is the error I got while accessing your site:

Mixed Content: The page at 'https://synodins.com/apps/chat/client.html'
was loaded over HTTPS, but requested an insecure script 
'http://127.0.0.1:8002/socket.io/socket.io.js'. This request has been 
blocked; the content must be served over HTTPS.

After that, let me know and I'll look into it further.

EDIT:

If a relative URL is possible, it is always preferred. Please check out this answer that is related to your question: https://stackoverflow.com/a/29835657/672229

Community
  • 1
  • 1
Steven Rogers
  • 1,874
  • 5
  • 25
  • 48
  • I installed bower like in the answer you refer to, and using the bower reference seems to take the io error away as well as allow me to run the entire client script without errors. The problem is it just still doesn't seem to connect. I'm wondering if its the io.connect call where im using http. But i cannot use https for then i get 'secure connection failure'. can see here: https://89.160.129.62:8002 – john-jones Jun 16 '16 at 11:45
  • Apologies, that IP:PORT address gives me the error: "89.160.129.62 unexpectedly closed the connection." I cannot access it. Is there a way you can update synodins.com and I can look into it there? – Steven Rogers Jun 16 '16 at 21:39
  • You might have your socket.io not configured correctly. Please check out this question and see if setting socket.io to be dynamic (Starting with "//www.example.com" instead of "http://www.example.com") OR specifically setting socket.io to use https instead of http. http://stackoverflow.com/questions/6599470/node-js-socket-io-with-ssl – Steven Rogers Jun 16 '16 at 21:43
  • You mean in https://synodins.com/apps/chat/client.txt, to change var connection=io.connect('http://89.160.129.62:8002');? Should i have it //https:.. ? – john-jones Jun 17 '16 at 03:08
  • Yes, change it from `io.connect('89.160.129.62:8002');` to `io.connect('https://89.160.129.62:8002');` – Steven Rogers Jun 17 '16 at 18:03
  • If that IP is on a different server, make sure that other server has an SSL certificate and can serve over HTTPS. It appears your current domain does this. If this node server is running on your current domain, I would recommend putting the domain name in there instead like `io.connect('https://synodins.com');` And if you absolutely need to specify the port number `8002`, I believe you can do it like `io.connect('https://synodins.com:8002');` Please let me know if that works, if not I'll keep working iwth you to figure this out. – Steven Rogers Jun 17 '16 at 18:06
  • I tried accessing the site in the original question. Could you leave it as those settings I suggested and send a link again to check it out? – Steven Rogers Jul 01 '16 at 22:51
  • I restarted the nodejs server. – john-jones Jul 02 '16 at 11:39
0

Include this latest client side script in your code:

<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.3/socket.io.js"></script>
Purav Barot
  • 81
  • 2