I got caught out this weekend with a couple of client websites that use the Geolocation API to get a location for various tasks. The reason? Google Chrome no longer allows it to work unless the domain uses HTTPS.
Starting in Chrome Version 50, non-HTTPS Geolocation API access has been disabled.
Ordinarily I'd have no problem with this because I can see where the Chrome team are coming from - location privacy is an important thing, but I feel like they've gone about it completely the wrong way.
Firstly, there's barely been any announcement by Google apart from on a few developer blog posts (hence why sites like Hulu.com, Yelp.com etc have been caught out along with small-fry such as myself).
Secondly though, there's no choice to the user. The API call simply fails and outputs a message to the Debug Console (which no user will ever see), leaving them clicking and thinking that the website is broken. Surely a better solution would be to give them a choice by popping open a message saying "Hey, you're about to give your location away over an insecure connection - are you sure?".
Anyway, that's that - it doesn't work any more so you have a choice - either stop using Geolocation, stop using Chrome, or purchase an SSL certificate for your domain and get ready for some 301 redirect action.