<div><div><div style="position:!important;overflow:!important;color:rgb( 31 , 35 , 40 );font-family:'-apple-system' , 'blinkmacsystemfont' , 'segoe ui' , 'noto sans' , 'helvetica' , 'arial' , sans-serif , 'apple color emoji' , 'segoe ui emoji';font-size:16px;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><pre style="font-size:13.6px;margin-top:0px;margin-bottom:0px;line-height:1.45;border-radius:6px" dir="auto"><code style="font-size:13.6px;padding:0px;margin:0px;white-space:pre;background:rgba(0,0,0,0);border-radius:6px;border:0px;display:inline;line-height:inherit">For https, you can run one of these two commands, then configure in your web server. </code></pre><pre style="font-size:13.6px;margin-top:0px;margin-bottom:0px;line-height:1.45;border-radius:6px" dir="auto"><code style="font-size:13.6px;padding:0px;margin:0px;white-space:pre;background:rgba(0,0,0,0);border-radius:6px;border:0px;display:inline;line-height:inherit"><br></code></pre><pre style="font-size:13.6px;margin-top:0px;margin-bottom:0px;line-height:1.45;border-radius:6px" dir="auto"><code style="font-size:13.6px;padding:0px;margin:0px;white-space:pre;background:rgba(0,0,0,0);border-radius:6px;border:0px;display:inline;line-height:inherit"><br></code></pre><pre style="font-size:13.6px;margin-top:0px;margin-bottom:0px;line-height:1.45;border-radius:6px" dir="auto"><code style="font-size:13.6px;padding:0px;margin:0px;white-space:pre;background:rgba(0,0,0,0);border-radius:6px;border:0px;display:inline;line-height:inherit"># interactive</code></pre><pre style="font-size:13.6px;margin-top:0px;margin-bottom:0px;line-height:1.45;border-radius:6px" dir="auto"><code style="font-size:13.6px;padding:0px;margin:0px;white-space:pre;background:rgba(0,0,0,0);border-radius:6px;border:0px;display:inline;line-height:inherit">openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes
# non-interactive, 10 years expiration in git for windows (git bash), localhost
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj '//CN=localhost'
</code></pre><div style="display:block"></div></div></div></div><div dir="auto"><br></div><div dir="auto">This is what I use for node.js. I don’t check in the keys.</div><div dir="auto"><br></div><div dir="auto">I believe Let’s Encrypt is still available for non-localhost.</div><div dir="auto"><div class="gmail_quote gmail_quote_container" dir="auto"><div dir="ltr" class="gmail_attr">On Tue, Jul 15, 2025 at 3:44 PM Andreas Plesch via x3d-public <<a href="mailto:x3d-public@web3d.org">x3d-public@web3d.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div>Hi Don,</div><div><br></div><div>The images and the relative url are completely legal. The problem is the file:// protocol which is not compatible with CORS in general. The simplest solution is to just run a small httpd server (node, python, java: <a href="https://docs.oracle.com/en/java/javase/21/docs/specs/man/jwebserver.html" target="_blank">https://docs.oracle.com/en/java/javase/21/docs/specs/man/jwebserver.html</a> ) and use <a href="https://localhost" target="_blank">https://localhost</a> . There then is no CORS setup needed. This is actually development which is closer to deployment because then both use a http server.</div><div><br></div><div>x3dom can catch the exception but cannot make it ok for the web browser to load the image file anyway. Unfortunately, it is the web browser which may be seen as overzealous.</div><div><br></div><div>Apparently, chrome has a flag to disable CORS checking (not tested):</div><div><br></div><div><a href="https://medium.com/@beligh.hamdi/run-chrome-browser-without-cors-872747142c61" target="_blank">https://medium.com/@beligh.hamdi/run-chrome-browser-without-cors-872747142c61</a></div><div><a href="https://blog.christopherhoelter.com/disable-cors-checks-chrome" target="_blank">https://blog.christopherhoelter.com/disable-cors-checks-chrome</a></div><div><br></div><div>Similarly, firefox has a config option which persists (tested, worked for me):</div><div><br></div><div><a href="https://www.devdude.com/disable-cors/" target="_blank">https://www.devdude.com/disable-cors/</a></div><div><br></div><div>Hope this helps, -Andreas</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Message: 1<br>
Date: Tue, 15 Jul 2025 11:00:29 -0700<br>
From: Don Brutzman <<a href="mailto:don.brutzman@gmail.com" target="_blank">don.brutzman@gmail.com</a>><br>
To: "Extensible 3D (X3D) Graphics public discussion"<br>
<<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>><br>
Cc: "<a href="mailto:vmarchetti@kshell.com" target="_blank">vmarchetti@kshell.com</a>" <<a href="mailto:vmarchetti@kshell.com" target="_blank">vmarchetti@kshell.com</a>>,<br>
<a href="mailto:x3dom-developers@lists.sourceforge.net" target="_blank">x3dom-developers@lists.sourceforge.net</a><br>
Subject: Re: [x3d-public] X3DOM dev url changed, HTML invocation<br>
questions<br>
Message-ID:<br>
<CABx5f7eezsn1LURQft==ECQ85OZ3hmHqLSrWb7YNh6_VhPy=<a href="mailto:9Q@mail.gmail.com" target="_blank">9Q@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Interesting... I pulled down a fresh copy of Firefox and tested there as<br>
well. Once again, no images loaded into the X3DOM scene.<br>
<br>
These images should be legal and allowed by X3DOM, they are in a direct<br>
subdirectory beneath the X3DOM page in question. They would be allowed in<br>
any other HTML page.<br>
<br>
Possible approach: perhaps x3dom.js can catch the exception and treat it as<br>
OK, when appropriate? The following debugger screenshot from Firefox<br>
hints at that possibility, i.e. "Uncaught DOMException"<br>
<br>
[image: image.png]<br>
<br>
(Opinion: running a local CORS server is of course a workaround, but that<br>
means development/testing with a difference setup than deployment, slowing<br>
efforts and introducing other potential issues. So relaxing this<br>
overzealous restriction on local content loading local content seems<br>
worthwhile.)<br>
<br>
all the best, Don<br>
<br>
On Tue, Jul 15, 2025 at 4:40?AM vmarchetti--- via x3d-public <<br>
<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>> wrote:<br>
<br>
> I think these errors are a result of web browser configuration or policy<br>
> rathen than a change in the x3dom code.<br>
><br>
> I am seeing the reported problem in loading ImageTexture resources from<br>
> the local file system in my install of Chrome, but not in Firefox. That<br>
> leads me to think it's a difference in how each browser is interpreting the<br>
> security risk of reading a local file through an XHR request, an issue<br>
> related to the CORS specification.<br>
><br>
> Vince Marchetti<br>
><br>
> On Jul 14, 2025, at 9:08?PM, Don Brutzman via x3d-public <<br>
> <a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a>> wrote:<br>
><br>
> Thank you Andreas. I have<br>
><br>
> - taken out the CSS for SANS, SERIF, TYPEWRITER<br>
> - updated the node-list url,<br>
> - tested both updated addresses for x3dom-full.js<br>
><br>
> Here are two examples using your preferred address:<br>
><br>
> -<br>
> <a href="https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/BoxSwitchX3dom.xhtml" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/BoxSwitchX3dom.xhtml</a><br>
> -<br>
> <a href="https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/RotationCalculatorExampleX3dom.xhtml" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForAdvancedModeling/Animation/RotationCalculatorExampleX3dom.xhtml</a><br>
><br>
> However, a problem has emerged. Neither model is displaying image<br>
> textures when launched on local host.<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/WhiteImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/YellowImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request:<br>
> images/TurquoiseImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/GreenImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/GreyImage.png<br>
> ERROR: [Utils|createTexture2D] Can't http request: images/RedImage.png<br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
> <image.png><br>
><br>
> Hopefully this is a fixable issue, TIA for any scrutiny. This was a very<br>
> useful capability when invoking the original<br>
> <a href="https://x3dom.org/download/dev/x3dom-full.js" rel="noreferrer" target="_blank">https://x3dom.org/download/dev/x3dom-full.js</a><br>
><br>
> all the best, Don<br>
><br>
> On Sun, Jul 13, 2025 at 8:45?PM Andreas Plesch <<a href="mailto:andreasplesch@gmail.com" target="_blank">andreasplesch@gmail.com</a>><br>
> wrote:<br>
><br>
>> Answers below.<br>
>><br>
>> On Sun, Jul 13, 2025 at 2:21?PM Don Brutzman <<a href="mailto:don.brutzman@gmail.com" target="_blank">don.brutzman@gmail.com</a>><br>
>> wrote:<br>
>><br>
>>> Andreas writes on 10 JUL 2025:<br>
>>><br>
>>>> I have deployed a new dev version.<br>
>>>> Please note that the download link for the dev version of x3dom has<br>
>>>> migrated from <a href="http://x3dom.org/download/dev" rel="noreferrer" target="_blank">x3dom.org/download/dev</a> (not updated) to<br>
>>>> <a href="https://cdn.jsdelivr.net/gh/x3dom/x3dom-dev/dist/x3dom.js" rel="noreferrer" target="_blank">https://cdn.jsdelivr.net/gh/x3dom/x3dom-dev/dist/x3dom.js</a> (preferred)<br>
>>>> or<br>
>>>> <a href="https://x3dom.github.io/x3dom-dev/dist/x3dom.js" rel="noreferrer" target="_blank">https://x3dom.github.io/x3dom-dev/dist/x3dom.js</a><br>
>>>> which is<br>
>>>> automatically updated through<br>
>>>> <a href="https://github.com/x3dom/x3dom-dev" rel="noreferrer" target="_blank">https://github.com/x3dom/x3dom-dev</a><br>
>>>> for every merged PR at<br>
>>>> <a href="https://github.com/x3dom/x3dom" rel="noreferrer" target="_blank">https://github.com/x3dom/x3dom</a><br>
>>>> The netlify link is obsolete.<br>
>>><br>
>>><br>
>>>> Andreas<br>
>>><br>
>>><br>
>>> Thanks for the alert. I am hoping to get the address and invocation<br>
>>> correct in our X3D Example Archives scenes by updating the conversion<br>
>>> stylesheet.<br>
>>><br>
>>> - X3D Example Archives<br>
>>> -<br>
>>> <a href="https://www.web3d.org/x3d/content/examples/X3dResources.html#Examples" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dResources.html#Examples</a><br>
>>> -<br>
>>> <a href="https://sourceforge.net/p/x3d/code/HEAD/tree/www.web3d.org/x3d/stylesheets/X3dToX3domX_ITE.xslt" rel="noreferrer" target="_blank">https://sourceforge.net/p/x3d/code/HEAD/tree/www.web3d.org/x3d/stylesheets/X3dToX3domX_ITE.xslt</a><br>
>>><br>
>>> The X3dToX3domX_ITE.xslt stylesheet produces the following header in<br>
>>> these examples:<br>
>>><br>
>>> - X3D Example Archives: X3D4WA, X3D for Web Authors, Chapter 01<br>
>>> Technical Overview, Hello World<br>
>>> -<br>
>>> <a href="https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldIndex.html" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldIndex.html</a><br>
>>> -<br>
>>> <a href="https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldX3dom.xhtml" rel="noreferrer" target="_blank">https://www.web3d.org/x3d/content/examples/X3dForWebAuthors/Chapter01TechnicalOverview/HelloWorldX3dom.xhtml</a></blockquote></div></div><div dir="ltr"><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>Andreas Plesch<br>Waltham, MA 02453</div></div></div></div>
_______________________________________________<br>
x3d-public mailing list<br>
<a href="mailto:x3d-public@web3d.org" target="_blank">x3d-public@web3d.org</a><br>
<a href="http://web3d.org/mailman/listinfo/x3d-public_web3d.org" rel="noreferrer" target="_blank">http://web3d.org/mailman/listinfo/x3d-public_web3d.org</a><br>
</blockquote></div></div>