HTTPS support for DBpedia APIs

doctorbud · July 15, 2019, 7:32am

I would like to be able to access DBpedia’s API services from my HTTPS-hosted web page, but it appears that there are only HTTP versions of the DBpedia API exposed. This causes a Mixed-Content security error in most modern browsers, and the typical solution is for the API provider to make their service available via HTTPS.

I’m trying to access the LDF service as described here:
http://fragments.dbpedia.org (note that this is HTTP)

But my website is HTTPS, so my browser prevents this security violation (Mixed Content). https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content#Mixed_active_content

I would like to know whether there is a HTTPS version of the above LDF API to DBpedia, and if someone could provide me the proper URL to access it.

If not, is there a plan to address this limitation? While I could use a proxy, it seems an unnecessary burden considering most browsers encourage HTTPS nowadays.

Thanks

kurzum · July 15, 2019, 6:38am

Thanks for spotting this, we are trying to consolidate research prototypes at the moment into these categories:

applications for download and self-deploy
shared services: high quality free services with no guaranteed sla
dedicated (paid)

I will ping Ruben who hosts LDF to get a statement.
Sebastian

RubenVerborgh · July 15, 2019, 2:06pm

Indeed. Good news is that we have scheduled HTTPS porting for all of our services this summer, including http://fragments.dbpedia.org.

kurzum · July 16, 2019, 10:51am

@RubenVerborgh We are collecting services around the data currently manually.

Could you complete your record here:

github.com

dbpedia/databus-content/blob/master/services.ttl#L98


      databus-sys:banner          <https://raw.githubusercontent.com/dbpedia/databus-content/master/img/dbpedia_spotlight_logo.jpg> ;
      # Your databus account uri
      databus-sys:publisher       <https://databus.dbpedia.org/dbpedia> ;
      # The URL that points to your service info page or signup form
      databus-sys:homepage        <https://www.dbpedia-spotlight.org/demo/> ;
      # Databus groups that can be used with your service
      databus-sys:targetGroup     <https://databus.dbpedia.org/dbpedia/mappings> ;
      databus-sys:targetGroup     <https://databus.dbpedia.org/marvin/wiki> ;
      databus-sys:targetGroup     <https://databus.dbpedia.org/marvin/mappings> .


<https://databus.dbpedia.org/system/service/imec/fragments>
      a                           databus-sys:Service ;
      a 				    databus-sys:SharedService ;
      dct:title                   "Linked Data Fragments over DBpedia"@en ;
      dct:description             "<h1>TODO</h1> <p>TODO</p>"^^rdf:HTML ;
      dct:abstract                "TODO"@en ;
      # TODO A small icon 128x128 px for your service
      databus-sys:icon            <https://raw.githubusercontent.com/dbpedia/databus-content/master/img/sparql.png> ;
      # TODO A banner for your service (640x320 px)
      databus-sys:banner          <https://raw.githubusercontent.com/dbpedia/databus-content/master/img/dbpedia_spotlight_logo.jpg> ;
      # TODO imec or RV? Databus account needs foaf profile

You can check how it looks here: https://databus.dbpedia.org/dbpedia/mappings/mappingbased-literals
updated every 30 min.

doctorbud · August 30, 2019, 9:05pm

The examples below display the Beatles’ members using the formerBandMember predicate…

It looks like the TPF server now works with https:
https://fragments.dbpedia.org/2016-04/en?subject=http%3A%2F%2Fdbpedia.org%2Fresource%2FThe_Beatles&predicate=http%3A%2F%2Fdbpedia.org%2Fontology%2FformerBandMember&object=
The Comunica Sparql client (and the old ldf-client) still fail when I use https:
https://query.linkeddatafragments.org/#transientDatasources=https%3A%2F%2Ffragments.dbpedia.org%2F2016-04%2Fen&query=SELECT%20%3Fbeatle%20WHERE%20{ %20%20<http%3A%2F%2Fdbpedia.org%2Fresource%2FThe_Beatles>%20<http%3A%2F%2Fdbpedia.org%2Fontology%2FformerBandMember>%20%3Fbeatle%20. }

My hypothesis is that even if I access query.linkeddatafragments.org via https, it is returning metadata that points to the http version of query.linkeddatafragments.org, so that the subsequent requests from within comunica-browser.js will be to the http version, which will fail due to mixed-content errors.

I’m going to explore hacking the proxy option to the Comunica engine, so that it takes a function (optionally) instead of a prefix string. This function can rewrite the http into https prior to the subsequent requests. @RubenVerborgh if there is a better way, please let me know (or just tell me to wait longer for y’all to fix it).

Thanks

RubenVerborgh · August 30, 2019, 9:18pm

This is indeed a problem on the server side, which we will fix.

doctorbud · August 30, 2019, 9:31pm

Thanks…

In the meantime, the httpProxyHandler option to Comunica.newEngine().query() is a workaround I can use to get my work done when I’m using the programmatic API

const httpProxyHandler = {
  getProxy: function getProxy(request) {
    request.input = request.input.replace('http://fragments.dbpedia.org', 'https://fragments.dbpedia.org');
    return request;
  },
};

…

Comunica.newEngine().query(
  query,
  {
    httpProxyHandler: httpProxyHandler,
    sources: [
      {
        type: '',
        value: 'https://fragments.dbpedia.org/2016-04/en'
      }
    ]
  })

RubenVerborgh · September 12, 2019, 11:33am

The server has been updated, so queries will work as expected.
Thanks again for reporting!

anandcv · December 14, 2019, 8:21am

Hi,
Same is happening with https://live.dbpedia.org/sparql/
In chrome it gives the error : net::ERR_CERT_DATE_INVALID

I think it is a certificate problem. In main domain, it is working without any error. (i.e. https://dbpedia.org/sparql/)

I hope this will be fixed…

valexande · December 14, 2019, 6:58pm

They have same maintenance issues try to access all day.

anandcv · December 15, 2019, 10:09am

The dbpedia SPARQL endpoint service is up now. But the problem persists…
live.dbpedia/sparql is still having problems…

pkleef · December 16, 2019, 10:38am

There was a hardware failure on live.dbpedia.org over the weekend . New part will be installed tonight which should restore operations. I apologize for any inconvenience.

anandcv · December 16, 2019, 12:27pm

Thanks for looking into it.
Please also look into the certificate issue…
Thanks in advance.

pkleef · December 17, 2019, 7:54am

@anandcv @valexande /CC @kurzum

Maintenance on https://live.dbpedia.org/sparql has been completed successfully.

Issues with the certificate have been resolved as well.

anandcv · December 17, 2019, 11:35am

Thank you for the quick resolution!
Works without any issues…