Geolocation not working on non-HTTPS domains with Google Chrome

Posted on Monday, October 3, 2016 at 9:15 PM into gotcha, browser, google & code by Steve Woods.
Roughly a 1 minute read.

I got caught out this weekend with a couple of client websites that use the Geolocation API to get a location for various tasks. The reason? Google Chrome no longer allows it to work unless the domain uses HTTPS.

Starting in Chrome Version 50, non-HTTPS Geolocation API access has been disabled.

Ordinarily I'd have no problem with this because I can see where the Chrome team are coming from - location privacy is an important thing, but I feel like they've gone about it completely the wrong way.

Firstly, there's barely been any announcement by Google apart from on a few developer blog posts (hence why sites like Hulu.com, Yelp.com etc have been caught out along with small-fry such as myself).

Secondly though, there's no choice to the user. The API call simply fails and outputs a message to the Debug Console (which no user will ever see), leaving them clicking and thinking that the website is broken. Surely a better solution would be to give them a choice by popping open a message saying "Hey, you're about to give your location away over an insecure connection - are you sure?".

Anyway, that's that - it doesn't work any more so you have a choice - either stop using Geolocation, stop using Chrome, or purchase an SSL certificate for your domain and get ready for some 301 redirect action.

Thanks, Google!

;

Comments

Please consider what you post!
Chillax if you're angry.