getCurrentPosition() and watchPosition() are deprecated on insecure origins

Jason Axelrod picture Jason Axelrod · Aug 20, 2015 · Viewed 99.3k times · Source

I am getting this error on my website which requests Geolocation data from the user:

getCurrentPosition() and watchPosition() are deprecated on insecure origins, and support will be removed in the future. You should consider switching your application to a secure origin, such as HTTPS. See goo.gl/rStTGz for more details.

I mean its basically just a notice, and the google link just says its being deprecated.

I have no plans on moving my website to SSL... so is there an alternative for someone like me?

Answer

gogson picture gogson · May 17, 2016

Because switching to HTTPS can be painful or impossible depending on your architecture, I found a workaround solution: you can use the Google Maps Geolocation API. Although it has usage limits, it does the job. You will need an browser API key, so don't forget to limit it's usage to your page hostname.

I use it as a fallback method to the getCurrentPosition() method if it fails. It allows me to make it work until I switch to HTTPS.

Here's the JSFiddles:

  • HTTP: getCurrentPosition() will fail and fall back to the API
  • HTTPS: getCurrentPosition() will succeed