<div dir="auto">I think one advantage of using a Java Web Server is that it has access to certificates in cacerts file in the Java distribution (maybe Jakarta now). It’s a messy job to add certificates there, and you have to know the default password. The biggest problem might be getting the changes past configuration management.</div><div dir="auto"><br></div><div dir="auto">No guarantees, but you should be able to get Java https working this way for your site.</div><div dir="auto"><br></div><div dir="auto">As of 13 years ago. I gave up on Java server-side a long time ago.</div><div dir="auto"><br></div><div dir="auto">I do think localhost is already in cacerts.</div><div dir="auto"><br></div><div dir="auto">Make backups in case you mess up.</div><div dir="auto"><br></div><div dir="auto">John </div><div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Tue, Jul 15, 2025 at 9:57 PM Don Brutzman via x3d-public <<a href="mailto:x3d-public@web3d.org">x3d-public@web3d.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto">Thank you very much for helpful information. </div><div dir="auto"><br></div><div dir="auto">It sounds like a careful reading of the CORS related specification will be appropriate. We might need to poke<span style="font-family:-apple-system,sans-serif"> the web browsers themselves (and W3C) if they are not implementing consistently.</span></div><div dir="auto"><br></div><div dir="auto">If we are not successful getting the same treatment as HTML itself, then more work is needed. Right now we have a handful of inconvenient/contorted workarounds… we will need to strive for some sort of consistency for best practices that are<span style="font-family:-apple-system,sans-serif"> making it _easy_ for regular developers and plain old web users to get work done. </span></div><div dir="auto"><br></div><div dir="auto">The challenges keep morphing, we can rise to meet them. Onward we go.<br clear="all"><br clear="all"><div dir="auto"><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">all the best, Don</div></div></div><div dir="auto"><div dir="auto"><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><br>-- <br>Don Brutzman <br>X3D graphics, virtual worlds, Navy robotics <br><a href="https://faculty.nps.edu/brutzman" target="_blank">https://faculty.nps.edu/brutzman</a><br></div></div></div><div><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 15, 2025 at 13:44 Andreas Plesch via x3d-public <<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div>Hi Don,</div><div><br></div><div>The images and the relative url are completely legal. The problem is the file:// protocol which is not compatible with CORS in general. The simplest solution is to just run a small httpd server (node, python, java: <a href="https://docs.oracle.com/en/java/javase/21/docs/specs/man/jwebserver.html" target="_blank">https://docs.oracle.com/en/java/javase/21/docs/specs/man/jwebserver.html</a> ) and use <a href="https://localhost" target="_blank">https://localhost</a> . There then is no CORS setup needed. This is actually development which is closer to deployment because then both use a http server.</div><div><br></div><div>x3dom can catch the exception but cannot make it ok for the web browser to load the image file anyway. Unfortunately, it is the web browser which may be seen as overzealous.</div><div><br></div><div>Apparently, chrome has a flag to disable CORS checking (not tested):</div><div><br></div><div><a href="https://medium.com/@beligh.hamdi/run-chrome-browser-without-cors-872747142c61" target="_blank">https://medium.com/@beligh.hamdi/run-chrome-browser-without-cors-872747142c61</a></div><div><a href="https://blog.christopherhoelter.com/disable-cors-checks-chrome" target="_blank">https://blog.christopherhoelter.com/disable-cors-checks-chrome</a></div><div><br></div><div>Similarly, firefox has a config option which persists (tested, worked for me):</div><div><br></div><div><a href="https://www.devdude.com/disable-cors/" target="_blank">https://www.devdude.com/disable-cors/</a></div><div><br></div><div>Hope this helps, -Andreas</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Message: 1<br>
Date: Tue, 15 Jul 2025 11:00:29 -0700<br>
From: Don Brutzman <<a href="mailto:don.brutzman@gmail.com" target="_blank">don.brutzman@gmail.com</a>><br>
To: "Extensible 3D (X3D) Graphics public discussion"<br>
<<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>><br>
Cc: "<a href="mailto:vmarchetti@kshell.com" target="_blank">vmarchetti@kshell.com</a>" <<a href="mailto:vmarchetti@kshell.com" target="_blank">vmarchetti@kshell.com</a>>,<br>
<a href="mailto:x3dom-developers@lists.sourceforge.net" target="_blank">x3dom-developers@lists.sourceforge.net</a><br>
Subject: Re: [x3d-public] X3DOM dev url changed, HTML invocation<br>
questions<br>
Message-ID:<br>
<CABx5f7eezsn1LURQft==ECQ85OZ3hmHqLSrWb7YNh6_VhPy=<a href="mailto:9Q@mail.gmail.com" target="_blank">9Q@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Interesting... I pulled down a fresh copy of Firefox and tested there as<br>
well. Once again, no images loaded into the X3DOM scene.<br>
<br>
These images should be legal and allowed by X3DOM, they are in a direct<br>
subdirectory beneath the X3DOM page in question. They would be allowed in<br>
any other HTML page.<br>
<br>
Possible approach: perhaps x3dom.js can catch the exception and treat it as<br>
OK, when appropriate? The following debugger screenshot from Firefox<br>
hints at that possibility, i.e. "Uncaught DOMException"<br>
<br>
[image: image.png]<br>
<br>
(Opinion: running a local CORS server is of course a workaround, but that<br>
means development/testing with a difference setup than deployment, slowing<br>
efforts and introducing other potential issues. So relaxing this<br>
overzealous restriction on local content loading local content seems<br>
worthwhile.)<br>
<br>
all the best, Don<br>
<br>
On Tue, Jul 15, 2025 at 4:40?AM vmarchetti--- via x3d-public <<br>
<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>> wrote:<br>
<br>
> I think these errors are a result of web browser configuration or policy<br>
> rathen than a change in the x3dom code.<br>
><br>
> I am seeing the reported problem in loading ImageTexture resources from<br>
> the local file system in my install of Chrome, but not in Firefox. That<br>
> leads me to think it's a difference in how each browser is interpreting the<br>
> security risk of reading a local file through an XHR request, an issue<br>
> related to the CORS specification.<br>
><br>
> Vince Marchetti<br>
><br>
> On Jul 14, 2025, at 9:08?PM, Don Brutzman via x3d-public <<br>
> <a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>> wrote:<br>
><br>
> Thank you Andreas. I have<br>
><br>
> - taken out the CSS for SANS, SERIF, TYPEWRITER<br>
> - updated the node-list url,<br>
> - tested both updated addresses for x3dom-full.js<br>
><br>
> Here are two examples using your preferred address:<br>
><br>
> -<br>
> <a href="https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/BoxSwitchX3dom.xhtml" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/BoxSwitchX3dom.xhtml</a><br>
> -<br>
> <a href="https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/RotationCalculatorExampleX3dom.xhtml" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/RotationCalculatorExampleX3dom.xhtml</a><br>
><br>
> However, a problem has emerged. Neither model is displaying image<br>
> textures when launched on local host.<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/WhiteImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/YellowImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request:<br>
> images/TurquoiseImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/GreenImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/GreyImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/RedImage.png<br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
> <image.png><br>
><br>
> Hopefully this is a fixable issue, TIA for any scrutiny. This was a very<br>
> useful capability when invoking the original<br>
> <a href="https://x3dom.org/download/dev/x3dom-full.js" rel="noreferrer" target="_blank">https://x3dom.org/download/dev/x3dom-full.js</a><br>
><br>
> all the best, Don<br>
><br>
> On Sun, Jul 13, 2025 at 8:45?PM Andreas Plesch <<a href="mailto:andreasplesch@gmail.com" target="_blank">andreasplesch@gmail.com</a>><br>
> wrote:<br>
><br>
>> Answers below.<br>
>><br>
>> On Sun, Jul 13, 2025 at 2:21?PM Don Brutzman <<a href="mailto:don.brutzman@gmail.com" target="_blank">don.brutzman@gmail.com</a>><br>
>> wrote:<br>
>><br>
>>> Andreas writes on 10 JUL 2025:<br>
>>><br>
>>>> I have deployed a new dev version.<br>
>>>> Please note that the download link for the dev version of x3dom has<br>
>>>> migrated from <a href="http://x3dom.org/download/dev" rel="noreferrer" target="_blank">x3dom.org/download/dev</a> (not updated) to<br>
>>>> <a href="https://cdn.jsdelivr.net/gh/x3dom/x3dom-dev/dist/x3dom.js" rel="noreferrer" target="_blank">https://cdn.jsdelivr.net/gh/x3dom/x3dom-dev/dist/x3dom.js</a> (preferred)<br>
>>>> or<br>
>>>> <a href="https://x3dom.github.io/x3dom-dev/dist/x3dom.js" rel="noreferrer" target="_blank">https://x3dom.github.io/x3dom-dev/dist/x3dom.js</a><br>
>>>> which is<br>
>>>> automatically updated through<br>
>>>> <a href="https://github.com/x3dom/x3dom-dev" rel="noreferrer" target="_blank">https://github.com/x3dom/x3dom-dev</a><br>
>>>> for every merged PR at<br>
>>>> <a href="https://github.com/x3dom/x3dom" rel="noreferrer" target="_blank">https://github.com/x3dom/x3dom</a><br>
>>>> The netlify link is obsolete.<br>
>>><br>
>>><br>
>>>> Andreas<br>
>>><br>
>>><br>
>>> Thanks for the alert. I am hoping to get the address and invocation<br>
>>> correct in our X3D Example Archives scenes by updating the conversion<br>
>>> stylesheet.<br>
>>><br>
>>> - X3D Example Archives<br>
>>> -<br>
>>> <a href="https://www.web3d.org/x3d/content/examples/X3dResources.html#Examples" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dResources.html#Examples</a><br>
>>> -<br>
>>> <a href="https://sourceforge.net/p/x3d/code/HEAD/tree/www.web3d.org/x3d/stylesheets/X3dToX3domX_ITE.xslt" rel="noreferrer" target="_blank">https://sourceforge.net/p/x3d/code/HEAD/tree/www.web3d.org/x3d/stylesheets/X3dToX3domX_ITE.xslt</a><br>
>>><br>
>>> The X3dToX3domX_ITE.xslt stylesheet produces the following header in<br>
>>> these examples:<br>
>>><br>
>>> - X3D Example Archives: X3D4WA, X3D for Web Authors, Chapter 01<br>
>>> Technical Overview, Hello World<br>
>>> -<br>
>>> <a href="https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldIndex.html" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldIndex.html</a><br>
>>> -<br>
>>> <a href="https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldX3dom.xhtml" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldX3dom.xhtml</a></blockquote></div></div><div dir="ltr"><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>Andreas Plesch<br>Waltham, MA 02453</div></div></div></div>
_______________________________________________<br>
x3d-public mailing list<br>
<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a><br>
<a href="http://web3d.org/mailman/listinfo/x3d-public_web3d.org" rel="noreferrer" target="_blank">http://web3d.org/mailman/listinfo/x3d-public_web3d.org</a><br>
</blockquote></div></div>
_______________________________________________<br>
x3d-public mailing list<br>
<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a><br>
<a href="http://web3d.org/mailman/listinfo/x3d-public_web3d.org" rel="noreferrer" target="_blank">http://web3d.org/mailman/listinfo/x3d-public_web3d.org</a><br>
</blockquote></div></div>