As it turns out, cross-domain requests are a bit of an annoying element of interent security protocol.
While I'm not positive, I believe the proliferation of IPv6 will solve several of these security issues with which IPv4 work-arounds struggle.
For now, my Date-by-Hate is inoperative (albeit deployed!) - movie suggestions and movie searches are made through a foreign API request; that API unfortunately does not utilise HTTPS. What a pain?
A few work-arounds have been offered me, the most hilarious being to simply purchase a domain, redirect the site from Heroku (https) on to an insecure (http) site, and run it from there. For the purposes of showing off the Date-by-Hate app, I suppose that is a fair idea; I would like to figure out a more permanent, and secure, way of doing things, however.
Published: 2016-11-22