12

I have a web page that uses HTML5 geolocation over HTTPS. It works a-okay on desktop browsers. On iOS Safari, however, I get the error that "Origin does not have permission to use Geolocation service". I have ensured that everything on the page loads via HTTPS -- every image, every script, and all other assets are showing HTTPS in Chrome dev tools. Nonetheless, geolocation returns the error.

Here's some of my JavaScript:

if ("geolocation" in navigator) {
    navigator.geolocation.getCurrentPosition(function (position) {
        // Do stuff with the geo data...
    }, function(error) {
        // I always end up here on iOS Safari.
        alert(error.code + ": " + error.message);
    });
} 
else {
    $("#search-results").append("Location is unavailable in this browser.");
}

What have I missed?

More info: I just grabbed the code from this W3 Schools example, which works perfectly in my iOS Safari, and pasted it on my site. It did not work. I still receive no prompt to allow geolocation on my site. I've cleared browser cache and reset location warnings in Settings to no avail.

mrcoulson
  • 1,331
  • 6
  • 20
  • 35
  • permission for the webpage/site to access `location` of the user . probably from the settings.. – Searching May 08 '17 at 20:41
  • My guess is you haven't granted location permissions in your browser. You might try (on the domain you bought) to manually grant location permissions for the URL within your browser or launch an incognito browser and accept the geolocation prompt (if it's available) – Martín May 08 '17 at 20:46
  • I've cleared settings and I am not receiving a geolocation prompt for the site. – mrcoulson May 08 '17 at 21:15
  • Can you change browser or change client machine to check whether it is a server problem? – shaochuancs May 09 '17 at 03:57
  • 3
    I got this sorted out. Although I declined other accepted answers to other questions related to HTTP content because I had verified that all content was loading over HTTPS, it turned out that mixed content was precisely the cause. On this particular page, there are lots of other JavaScript errors and warnings in the console (not all my code), so I missed two stray HTTP scripts from a third party. I contacted those guys, they fixed their scripts to use HTTPS, and now my geolocation works flawlessly. So, how do I properly handle this in SO? – mrcoulson May 09 '17 at 18:42

1 Answers1

14

I had the same problem and it is because of new standards for the Golocation API in Chrome (and Safari):

Chrome no longer supports obtaining the user's location using the HTML5 Geolocation API from pages delivered by non-secure connections.

The only solution is to host from HTTPS and remove all HTTP requests from third parties. Check your network tab in developer mode to filter out HTTP calls, this also includes images (which was the trouble in my case).

You can read more here: Geolocation API Removed from Unsecured Origins.

Mathias Mølgaard
  • 513
  • 1
  • 5
  • 14
  • 4
    Does this also apply to localhost, cause I get the same issue on localhost. I looked at the doc and it explicitly says that localhost is by default recognized as safe. – George Nov 21 '18 at 13:12