I got caught out this weekend with a couple of client websites that use the Geolocation API to get a location for various tasks. The reason? Google Chrome no longer allows it to work unless the domain uses HTTPS.
Starting in Chrome Version 50, non-HTTPS Geolocation API access has been disabled.
Ordinarily I'd have no problem with this because I can see where the Chrome team are coming from - location privacy is an important thing, but I feel like they've gone about it completely the wrong way.
Firstly, there's barely been any announcement by Google apart from on a few developer blog posts (hence why sites like Hulu.com, Yelp.com etc have been caught out along with small-fry such as myself).
Secondly though, there's no choice to the user. The API call simply fails and outputs a message to the Debug Console (which no user will ever see), leaving them clicking and thinking that the website is broken. Surely a better solution would be to give them a choice by popping open a message saying "Hey, you're about to give your location away over an insecure connection - are you sure?".
Anyway, that's that - it doesn't work any more so you have a choice - either stop using Geolocation, stop using Chrome, or purchase an SSL certificate for your domain and get ready for some 301 redirect action.
Please consider what you post!
Chillax if you're angry.