Rollout of HTTPS proxy for author hosted imagery

That would be awesome :smiley:

What about a boxed area in the item page sidebar that was able to be used as a link to an external changelog URL? Similar to this and there is just another field on the item editing interface:

Let’s Encrypt is a great initiative that is providing a free SSL/TLS CA so that is one avenue worth exploring if you don’t want to shell out for an expensive certificate. AWS Certificate Manager is also worth a gander if your infrastructure is in AWS (currently only available in us-east-1 from memory but will eventually roll out to other regions).

Personally, I would look to use an automated changelog generator based on the code/issue changes. There are plenty of GitHub changelog generators out there that would work great if you’ve got your code in version control and that is the path I would take to avoid double handling. I’ve successfully used this in the past and there are solutions for all languages and workflows.

I would also look to have a static URL for each item’s changelog, such as https://example.com/product1/changelog, and then just update the item itself once and from there on reference that page everywhere when needed. Slack’s API change is good example of this.

Right now all of the API is read only. I don’t know whether this was a business or technical decision or we never got round to adding writeable endpoints. It would definitely be cool to see though!

I work in the Site Reliability team :slight_smile: The API isn’t really owned by a single team at the moment (many developers contribute to it based on their feature work) however I’m happy to pass this onto our product team and see if it’s something they’d be interested in pursuing further.

Good job Envato … that will speed up the process and help us the authors to improve our solutions and services.

1 Like

@Kithemes
How exactly will that help any author to improve anything? :confused:

This is a nightmare guys. I have 93 files, all using the same header image for social icons and advertising new items. I have to edit 93 files, really?! Please tell me this is a joke! Please add some kind of purge! 70%+ of authors have social icons, support images, things that need editing and are used globally on items.

What is the expiry time of the cache system used? How many days untill the image is refreshed / purged / served the new edited one? I can’t go editing 100 + files each time I want to edit an advertisement.

2 Likes

Heya,
Thanks for the feedback - I appreciate it!

Please tell me this is a joke!

Afraid not :pensive: As I mentioned in previous posts we’ve done this for a couple of reasons.

  • This is assisting authors with page load times. Prior to the asset proxy + CDN rollout, we were seeing some items take 10+ seconds to load due to the number of assets attempting to be loaded (often hitting connection restrictions within HTTP/1.1). As many people know, conversion is heavily linked to page speed performance so this assists with gaining those extra sales and money in your pocket.
  • Serving our author assets over HTTPS removed a huge blocker for moving the marketplaces towards enabling HTTPS everywhere. This will be a huge win for everyone and I’m very excited to finally see it within our reach!

Please add some kind of purge!

The ability to purge CDN assets isn’t something we’ve enabled for authors for the simple reason that caching is hard and we don’t expect our authors to understand every aspect of how caching works with browsers, downstream proxies, invalidation, etc. While our user base contains some very smart people who already manage on their end, we can’t apply it as a blanket rule to everyone and have them manage this type of thing. In the future it may be something we enable but it definitely isn’t on the roadmap at this stage.

70%+ of authors have social icons, support images, things that need editing and are used globally on items.

The authors I have spoke to about these issues have either enabled HTTPS on their hosting provider (which doesn’t end up going through the asset proxy) or they have changed the way they manage these type of things. Initially, the second option seems more drastic however the feedback I’ve received from those who have done it has been quite positive since authors have re-assessed how they are managing campaigns and they are taking advantage of Envato footing the CDN bill which is great for lowering overheads. Let’s Encrypt offers free SSL/TLS certificates if you’d like to take that route and set that up on your asset host.

What is the expiry time of the cache system used?

There is a 1 day TTL default on the CDN side since the general consensus was that the images being used by the author should be using a digest of the file or a unique naming convention (unique files are propagated immediately via the CDN). Should your origin provide cache control headers, they are respected instead of the CDN default. If you are just replacing a different image with the same name, there is no guarantee that this change will be propagated through downstream proxies since they are beyond yours (and Envato’s!) control and often downstream proxies handle their own cache invalidation based on times rather than sensible options like HTTP etags or cache control headers.

Can’t Envato add a “global header”, someplace where we can add all our information that should change globally on all items right at the top of the file? That would be a life saver not only for this case, but for every author that just wants to update one thing and doesn’t have to edit 100 files.

Cheers.

Speaking of which, why isn’t Envato Market using HTTP/2? There are 70% of global users using browsers that support HTTP/2.

1 Like

I just realized what you did here when updating my descriptions today. Guys I have over 100 files in my portfolio all linking to the same image on my server that I need to be able to swap out.

I’m not the only author doing this, every author with a big portfolio is using that strategy.

I’m not a web-dev-guy, so please give me instructions on how I can fix the problem you guys just created without having to edit 100+ files whenever I want to change my header?

If I set my server to use https, will this change all my descriptions back to use my image on my server, even though you already cached it?

Really guys why can’t you just, for ONE SINGLE TIME announce these things before you pump out a dozen problems for the authors… :frowning:

Guess what? That’s what I just did. All 130 items … have patience and good luck. And if you have Google Chrome, install stylebox and add this to your global stylesheet

.accordion-content {
    max-height: none;
    overflow: hidden;
    transition: max-height 400ms ease;
    height: auto;
}

#attribute_fields {
    display: none;
}

.save {
    position: absolute;
    z-index: 99999;
    top: 150px;
    left: 50%;
    margin-left: -150px;
}

#description {
    height: 600px;
}

Your edit button will be just above your always open description box that is larger. You’ll still have to edit all your files, but it will make things a bit easier than having to open the description box, scroll in it, then scroll all the way down to the save button.

After you’re done, just delete the stylebox global style, and you’re good to go…

Cheers mate, and I feel your pain!

Also @jacobbednarz, we asked in the old forums at least 10 times, in the new ones as well, give us a global header. Somewhere we can edit text and it will appear on all items at the top of them right under the add to collections. That way we can still use this and only have to edit 1 description rather than all our items! This would really be a life saver!

1 Like

Hey enabled, can you tell me what you did exactly? As I said, I’m not a web-dev guy. Did you enable https on your sevrer and changed every image link containing the old “http” with “https” and can now use your own images again?

Or did you just remove your globally used images?

Yes. I edited all items and removed the image that I used from my server to advertise new items, basically rendering my exposure to hell… there’s nothing to do mate. Either get an expensive SSL / TSL server, or remove the images.

Or maybe Envato will finally add a global header after years of begging! :slight_smile:

Good question!

  • HTTPS is a prerequisite for HTTP/2. While this would be fine for the asset proxy side of things, the marketplaces themselves are still undergoing some preparation for HTTPS. Once the HTTPS rollout is complete, there is no doubt in my mind that HTTP/2 will climb up the priority list since we will get a few easy wins from using it.
  • We are using AWS CloudFront for the asset proxy and as of this writing, it doesn’t have support for HTTP/2. This point has been raised with the AWS team and the chats have this on the cards later in 2016 (no exact date yet).
  • Even if CloudFront had HTTP/2 support, many of the images we are sending via it would not benefit from HTTP/2’s multiplexing abilities since it’s a single giant image and not many smaller ones.

Another thing to note here is that “70% of global users” doesn’t necessarily reflect Envato’s user base. When we make changes we perform analysis against our user base, not just the global standard. This ensures that instead of just following the crowd, we are making changes that benefit our specific use cases.

It’s not in the works at the moment (that I know of) however I’m happy to pass this onto our product teams and get their thoughts on it.

Yep! The URL is rewritten at render time so when you update or edit it, you’re editing the true source. We don’t pass this caching downstream so the changes will be available immediately.

Let’s Encrypt is a certificate authority providing free SSL/TLS certificates and they are just as valid and accepted by all the browser vendors as any other CA. Expensive certificates no longer need to be a thing. There are already many free hosting providers that offer Let’s Encrypt certificates as an integrated part of their services. Amazon Certificate Manager also offers free SSL/TLS and would be handy if you are already using other AWS resources.

I’ve got an old script somewhere that does global header/footer on item pages. I’ll see if I can find it.

Oh, please please do! This has to be added by the author or by the devs? :smiley:

I haven’t had a chance to test if it still works, but here’s my post about it on one of the original Header/Footer discussion threads 4 years ago: http://themeforest.net/forums/thread/suggestion-item-descriptions-master-header-footer/63947?page=5&message_id=577796#577796

actually it probably wont work so maybe don’t try it unless you have a backup of the item description haha.

Not a test I’m willing to take mate, but thanks though! At 140 items, if it screws up, I’m gonna edit descriptions for the entire weekend! haha!

If however, @jacobbednarz Envato could create something like this, it’d be amazing! The ability of a global header / footer on items would be absolutely awesome!

Hello there, I confirm that there is a problem with GIF files and cloudfront hosting.

The heavier is the GIF (3-5 Megs) the more chance you have that it isn’t uploaded fully and it will simply read a part of your GIF and then do a white screen.

The funniest part is that after uploading 10 times to finally get it uploaded at 100% on cloudfront just wait a couple of days / weeks and your GIF won’t work anymore… white screen.

I have to check every week all my items and re-upload GIF’s which don’t work anymore.

Is there anyway to contact cloudfront to know what is hapening here, this is putting in danger sales for a lot of authors who use GIF’s to promote ? Please.

Hi friends;
This is about some of our images in Item Description Pages (all was hosted on our website + Envato’s new announcement about images on Item Descriptions)

Some of our images are only displaying only a portion of the image (in other words, they are CUT somehow)…
What could be the reason?