sendWebRequest issue

  • administrators

    @borispio said in sendWebRequest issue:

    So generally sendWebRequests need to have https in the urls in order to avoid a 'mixed content blocked error'. Basically a secure connection can't load any unsecure connection resource (https can't load an http resource).

    The problem with your URL is that your self-signed certificate is mistrusted by the browser (chrome/firefox). If you try loading your url with https, you'll see that it doesn't go directly to the page. Furthermore, Postman refuses to load your https endpoint, but has no trouble loading your http endpoint. This is super annoying to deal with, but that's how the browsers achieve higher security. Fortunately your script still returns properly and executes on the iOS end.

    My recommendation is to either buy a real certificate for your domain, or enable your browser to trust self-signed SSL certificates:

    Please let me know if either of these work.



  • administrators


    Here's an example of an https connection that does work, for your reference.

    function onEnterRange() {
    //called when you are in range of a Dot

    sendWebRequest('', {}, {}, "GET", callback);


    function onExitRange() {
    //called when you exit the range of a Dot

    function callback(data) {
    //this code will be executed upon completion of the request.



  • administrators

    @kunal_iota To be clear, the script only works with iOS when it's http not https. It seems iOS can't load your self-signed certificate either.

  • Thank you very much! At the end I added my self-signed cert as trusted by my computer, so I can go on with the development.
    In fact, I have developed the full script to monitor the public transport status at my stop (but I have to test it).
    Another bug is that body parameters are NOT sent when POST method is selected, while they are sent in a strange form with GET method. I used a workaround and added the parameters directly into the url and it works fine, but it is annoying to do this.
    I'll keep you updated if the script runs also on my dot.

  • administrators

    @borispio Interesting, I'll take a look at the body parameters.

  • @kunal_iota Short message just to confirm that the http (without SSL) version works on iOS, while the https works in the browser (after adding my self-signed cert as trusted system-wide).
    Maybe this information can be useful also to other.
    I'll follow the thread to get news about the body parameters issue

  • administrators

    @borispio Http does work on iOS, https works in the browser. Do you think we should enable developers to use an unsecured, http version of the IDE? In general, sorry for the trouble, I know browser certifications can be difficult to go through.

  • Piggybacking on this. I have an API (the Home-Assistant API if you're interested) that returns a list of JSON objects in response to some commands. This breaks sendWebRequest (silently I might add). Would it be possible to get a less clever sendWebRequest that sends raw data or a response object with status code, body, headers instead of attempting to parse the JSON and failing?

  • administrators

    @PhilK I can definitely look into this. The primary reason we focus on well formed json objects is that the iOS method can parse those most effectively. @grant_iota should be able to add some more insight into this.

  • administrators

    @PhilK Definitely possible, I'll make the responses more flexible in the next build we upload to the store. Our first update is currently processing.

Log in to reply

Looks like your connection to Dot Community was lost, please wait while we try to reconnect.