I have a geolocation code, but Chrome won’t give me permission to execute it

Asked

Viewed 92 times

2

I would like to know, if I have to give some kind of permission, for the code to work in Chrome, because in mozila it can give me the location. Follow the code below`

function writeAddressName(latLng) {
    var geocoder = new google.maps.Geocoder();
    geocoder.geocode({
    "location": latLng

    },
    function(results, status) {
      if (status == google.maps.GeocoderStatus.OK)
        document.getElementById("address").innerHTML = results[0].formatted_address;
      else
        document.getElementById("error").innerHTML += "Unable to retrieve your address" + "<br />";
    });
  }



  function geolocationSuccess(position) {
    var userLatLng = new google.maps.LatLng(position.coords.latitude, position.coords.longitude);
    // Escreva o endereço da localização
    writeAddressName(userLatLng);





    // Coloque o marcador na posição do usuario
      new google.maps.Marker({
      map: map,
      icon:'img/aqui',
      position: userLatLng

    });


    // Desenhe um círculo em torno da posição do usuário para ter uma idéia da precisão de localização atual
    var circle = new google.maps.Circle({
      center: userLatLng,
      radius: 500,
      map: map,
      fillColor: '#0000FF',
      fillOpacity: 0.3,
      strokeColor: '#0000FF',
      strokeOpacity: 1.0,


    });
    map.fitBounds(circle.getBounds());
  }

  function geolocationError(positionError) {
    document.getElementById("error").innerHTML += "Error: " + positionError.message + "<br />";
  }

  function geolocateUser() {
    // Verifica se o navegador suportar a Geolocation API
    if (navigator.geolocation)
    {
      var positionOptions = {
        enableHighAccuracy: true,
        timeout: 10 * 1000 // 10 seconds

      };
      navigator.geolocation.getCurrentPosition(geolocationSuccess, geolocationError, positionOptions);
    }
    else
      document.getElementById("error").innerHTML += "Your browser doesn't support the Geolocation API";
  }

  window.onload = geolocateUser; 
  • 2

    getCurrentPosition() and watchPosition() no longer work on insecure Origins. To use this Feature, you should consider switching your application to a Secure origin, such as HTTPS. See https://goo.gl/rStTGz for more Details.

1 answer

3


Turning Pedro Augusto’s comment into a response. The Chromium people (the project Chrome is based on) no longer accept certain features to work over HTTP. You will only be able to use on top of HTTPS for security reasons.

Source: https://sites.google.com/a/chromium.org/dev/Home/chromium-security/deprecating-powerful-features-on-insecure-origins

We want to start Applying the Concepts in https://w3c.github.io/webappsec-secure-contexts/ to Features that have already shipped and which do not Meet the (new, not present at the time) Quirements. In particular, this approximately requires that Powerful Features only be accessible on "Secure Origins" (such as HTTPS)

Free translation:

We want to start applying the concepts in https://w3c.github.io/webappsec-secure-contexts/ functionalities that have already been released and that do not fit the new requirements (that were not present when the functionalities were released). In particular, this means that powerful [sic] features will only be accessible from secure sources (such as HTTPS).

In other words: you’ll need an SSL certificate on your server to continue using Chrome geolocation the way you’re doing.

  • Thank you, you took the words right out of my mouth :)

  • 1

    In addition, if you consider using SSL, try openssl or buy some certificate. Several companies sell and are not as expensive.

  • There was a scene of Hitchhiker of the Galaxies in this story of Chromium. "Como assim, esse negócio não funciona mais em HTTP? Vocês deviam ter avisado!" Then you enter the link page and they say they left the message on post it in the basement of the town hall ("We (Chrome Security) originally sent this out to various browser development mailing lists")

  • 3

    It is worth remembering that with Let’s Encrypt and other ACME-based implementations have no excuse for a person not having HTTPS today. It’s free, automatic, standardized and well accepted.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.