Currently creating an application launcher and updater based on a web page. Knowing the limitations of browsers (security reasons), for my project I needed to have a local application to control the update and the creation of the OS process.
While testing and researching for a good amount of time; Now I have a working local-app, written in Go, that can create a process and kill it from an ajax POST request. I prepared some code to show, how my current attempt looks like (nothing fancy) :
index.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>api_test</title>
<script src="js/jquery-3.0.0.min.js"></script>
<script src="js/script.js"></script>
</head>
<body>
<h2 id="statusText"></h2>
</body>
</html>
js/script.js
$(document).ready(function(){
console.log("Hey! ;)");
tryConnection();
});
function tryConnection() {
var statusReq = $.ajax({
method: "GET",
url: "http://127.0.0.1:9091/api/test",
dataType: "json"
});
statusReq.fail(function(){
$('#statusText').text("Fail");
setTimeout(tryConnection, 5000);
});
statusReq.done(function(json){
$('#statusText').text(json.status);
console.log("Integer result: " + json.result);
setTimeout(tryConnection, 10000);
});
}
Local application, app.go
package main
import (
"log"
"net/http"
"encoding/json"
)
type APITest struct {
Status string `json:"status"`
Result int `json:"result,omitempty"`
};
func testHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*");
TestValue := APITest{Status: "Works!", Result: 123};
json.NewEncoder(w).Encode(&TestValue);
}
func main() {
log.Println("Started!");
http.HandleFunc("/api/test", testHandler);
err := http.ListenAndServe("127.0.0.1:9091", nil);
if err != nil {
log.Fatal("Error occured:", err);
}
}
Everything seems to be fine! But..
The only problem I currently can't figure out is, How can I actually add support for https:// connections without the need to carry the compiled binary with a cert and key file? Because I want to implement this feature into a https:// only website and mixing together https and http connections, results in a blocked mixed content error from browser security restrictions, which is understandable.
Maybe there are some other ways to implement this kind of communication? (to be clear, for WebSockets a secure connection is needed too).
