jon r is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Here we go. A public functional beta be careful please prototype of my notes app based on Notational Velocity – data sync via @remotestorage, some Sublime Text keyboard shortcuts, [[double-bracket interlinking]], works nicely offline and on mobile too. Yellah habibi.


@rosano Lovely thing! Especially the way you implemented wiki-linking is very nice. This way it could very well become a replacement for for me.

Unfortunately I cannot make my account to work. It throws:

DiscoveryError: No storage information found for this user address.

The browser console reveals that the requests to


are blocked due to CORS mixed content, trying to access HTTP from HTTPS.

@yala Oh no! It's the first time I've heard that and I always use 5apps. Which browser is it? When I try with your address (from the last link there) on macOS Safari it takes me to the 5apps login page. Maybe there's interference from an ad blocker or something?

jon r @yala

@rosano Yes, clicking these links will redirect you to the pages, since they are HTTP requests.

CORS requests are constrained by the scheme of the origin. All requests should go to HTTPS endpoints alike.

Can be expanded to instead?

· Web · 0 · 0

@yala I'm just passing the login to the `connect` method of the remotestorage library in the same way as the official widget (no processing of the input whatsoever) so it's strange that it behaves differently for you. Could you test in another browser, or maybe a private window? I just copied the account 'email' part from that url and tried to login and it successfully started the oauth dance.

@rosano Chrome and Firefox both show the same behaviour: Your write site is served via HTTPS, and the client tries to connect to an HTTP service, which is forbidden due to mixed content errors in CORS.

@yala Ok I was able to replicate this in Firefox by disallowing insecure requests. Not sure where to fix this but I'm looking into it.

I noticed also fails similarly but with

> The Same Origin Policy disallows reading the remote resource at (Reason: CORS request did not succeed)

And if I understand correctly, webfinger.js will try http if https fails.

@rosano Now that you mention it, it's weird. Before trying to access the HTTP URLs, indeed it tries HTTPS, but says the CORS request failed.

ignoring cors [object Request] sw.js:25:20

Maybe I should file this as an issue in ... wait; of CO(u)RS(e); there was another plugin next to uMatrix, the infamous Privacy Badger, taking care of my belongings; and blocking.

Pardon me all the hazzle; now it's solved.

@yala That message is from my duct-taped service worker implementation, gotta clean that up.

Well, glad it's all good. I will try to ask on the forums anyway if anyone knows where to fix that because it really should function on pure HTTPS.

Really looking forward to any feedback you might have. 👍🏽🙂

@yala I also notice that the first link says '' - when I try to put in a random address to force a failure, it outputs the random address 3 times without '' (I tend to debug from the back end of the donkey…)

@rosano I'm using for that matter.