I'm using BlueMap with PaperMC on a Minecraft hosting provider. The issue I'm facing is that my provider's domain has HSTS enabled. That means all HTTP requests are automatically redirected to HTTPS, (Modern browsers can't access HTTP in HSTS domains at all) meaning that I can't access BlueMap's web server directly. I found a solution where I have a Cloudflare Worker running as a proxy, redirecting my HTTPS requests to my server, through HTTP.

It works well, but using the map for just 5 to 10 minutes generates 3k+ requests. Given that Cloudflare Workers have a free daily limit of 100k requests, that could easily be reached given more players using the map.

So, would it be possible to add support to HTTPS? That would remove the problem entirely, allowing a direct connection. Or even if that isn't currently possible/planned, is there a way to have a more aggressive caching? 3k requests seems like a lot, even for a map of this quality.

I'd like to bump this old topic again as I'd like to know if SSL/TLS is still out of the question, or if it's already implemented somehow.

A simple reverse proxy won’t work for me, as I need to set up an ingress for my Kubernetes cluster to properly route traffic within my network. Due to the mandatory TLS, I’m receiving a 'Bad Request' response no matter what. It would be great if there’s an option to enable or disable TLS (as BlueMap doesn't seem to like it when I downgrade the connection from HTTPS to HTTP using the ingress).

I have to admit i don't know much about kubernetes and ingress, but somehow i can't imagine that there is no way to setup kubernetes+ingress in a way that it can use bluemaps http-webserver correctly without bluemap supporting https.. ^^'

BlueMap's webserver still doesn't support ssl and there is no plans to add support as of right now.

If you have more questions about this, please visit us on our discord! :)

SSL/HTTPS support will not be implemented, because it is an advanced feature for more professional servers that also is security-relevant. This means it needs a LOT of maintenance and testing. It also introduces a ton of new possibilities for additional features, bugs and suggestions, which is not in the possible bounds.

Also: If you need SSL you can reverse-proxy bluemaps webserver with e.g. NGINX and add SSL that way :)