1

I have a gradio app mounted on a FastAPI app and hosted on Heroku, The app should request audio input permission. Locally that works but this is not the case with production. With some research I found that browsers block this kind of permissions over http (can you confirm?), So I think that I have to configure uvicorn to run https. I found this in the documentation

$ uvicorn example:app --port 5000 --ssl-keyfile=./key.pem --ssl-certfile=./cert.pem

How can I access the ssl files in heroku. and is this even what I should do? Can anyone help me with that?

Chris
  • 18,724
  • 6
  • 46
  • 80
Zine eddine Boumaza
  • 55
  • 5
  • You might [this answer](https://stackoverflow.com/a/71314494/17865804) and [this answer](https://stackoverflow.com/a/71306247/17865804) helpful as well – Chris Mar 12 '23 at 08:46

1 Answers1

0

This is not Uvicorn's responsibility.

If you are using the default your-app.herokuapp.com domain, or if you are using Basic- or Professional-tier dynos, HTTPS should already be available.

If you are using a custom domain with Eco dynos, the easiest solution¹ is to upgrade to upgrade to Basic dynos to get access to automated certificate management (ACM), which uses Let's Encrypt under the hood:

If your app is currently running on eco dynos, Heroku enables ACM automatically when you upgrade your app to use Basic or Professional dynos:

heroku ps:resize web=basic

Once HTTPS is available, you may want to configure a redirect from HTTP to HTTPS. Heroku does not do this for you. Referencing the Flask Security Guide, Heroku recommends using flask-talisman for this. Out of the box, flask-talisman configures several security-related bast practices, including a redirect from HTTP to HTTPS.

¹If you don't want to do this, your other option is to provide your own certificate via Heroku SSL. This is more work, and since you have to provide your own certificate can come with significant financial cost.

ChrisGPT was on strike
  • 127,765
  • 105
  • 273
  • 257