You must use an URL as given on the eXportit server window either the local server
(on the Wifi network) URL on the top line of the "server" window, or the external
ip address URL just below.
Without authentication, you must get a page like here below, listing all the exported files.
If you configure HTTPS giving a non zero port number (by sample 8193) in the configuration, your Web Browser will prompt you with an "error message saying the X.509 certificate is not trusted through a Certificate Authority. This is perfectly normal because the application is building self signed certificates.
Each time you start the HTTP server, it builds a 2048 bit key pair, then an X.509 certificate for the public key signing it with its own IP address (the same than in the URL used to connect on it). Buying a certificate for signing from a well known Certificate Authority for each server, is more expensive than this application. Setting a fixed certificate in the application package is NOT secure.
In fact, using self signed certificates, is not a real security exposure because you must get the URL of the server from somebody you trust. You can verify the IP address in the certificate, and an IP address is unique on the network. Normally the server changes at least every day its IP address, you have to restart the server each time you have to use it, and your address is changed.
If you are travelling your IP address is changing very often. It looks better to stop somewhere if you have files to transmit to someone, then start the server, look at the URL on screen, and send it by e-mail, then wait for the end of transmission before going further.
The untrusted certificate messages depend on the Web Browser you are using.
With Mozilla Firefox you have three messages.
You must "accept the risk".
Add exception...
Confirm security exception.
Using Google Chrome, you get only one message.
Select "Proceed Anyway".
With Opera you get also only one error message.
Just "Approve" this exception.
You can avoid the error messages when starting a session with your export-it server, just using x.509 signed certificates in place of self signed. But for that you need to add the Certificate Authority's certificates in your web browser or in your operating system. You need to install the root certificate and the intermediate authority certificate. You can take these files from the assets directory of your own exportit server, or from www.ddcs.re web site, giving as URLs http://192.168.1.47/assets/export-it-1.crt or http://www.ddcs.re/export-it-1.crt, and for the second certificate, the same URL with export-it-2.crt. The precise installation procedure depends on your Web browser and your operating system. When both certificates are installed in the list of Certificate Authorities, you have just to un-select the self-signed certificates option in the configuration and to restart your server.
On Android, with any Web browser, I had many problems using self-signed certificates, although it is feasible to login, it is not possible to use files in HTTPS (everything works over HTTP). Normally we should use Phone_Settings/Security/Trusted_Credentials then Install_from_Phone_Storage after copying the files on the root of SD card but this normal way gives "user installed" and it did not work for me. I had to install the CA certificates as "system" CA certificates. To do it requires root access to the android file system, both certificates must be renamed export-it-1.crt to 741c5141.0 (files are in assets and on web site), and export-it-2.crt to 1fa683a3.0. These two files must be installed in /system/etc/security/cacerts/ and finally chmod 644 on these files to set the right bits. After a reboot you can find these certificates in the list of your Android device. Then you have to setup your eXportit servers for using signed certificates.
If you define at least one user name in the server configuration before starting it, you have to give your user name and password to connect to the server with HTTP or HTTPS.
If you are using HTTPS, these text fields are directly sent encrypted (strong) over the network. In HTTP the password is RSA encrypted by a javascript using a dynamically built X509 certificate. This certificate is prepared at server start-up, and is never the same.
If you want to come back to this login page later when using the application, you have just to enter
the simple URL pointing to the HTTP server on your browser, something like http://111.22.33.44:8192 or https://111.22.33.44:8193
and then you can login again. You are automatically logged out after 10 minutes without use.
Finally, you get the HTML page containing the list of the exported data files. If you use the authentication procedure, this list depends on the categories set for the user name you are logged in. If you are an "Owner", you get the same HTML page than with simple HTTP without authentication, but you can switch to other categories.
If a user has access to more than one category, a drop down list permits to go from one to another.
On this Web page, you can click directly on a file, then the default setting of your browser will be used, by sample video plugin can be used. The other way consists on using the checkbox to select files then clicking on the "Play" button on the top of the list, and a Javacript with HTML5 instruction will be executed. We have the limitations of HML5 on the browser you are using.
When the file lists are large, to avoid to go back to the top to click on the "Play" button, you can click directly on the empty part of the "add comment" line of any file item, to play the selected items in this list.
In this image the first video of a selection of three files is played. We are using an HTML5
video element on Firefox. The file must be a webm, an MP4 H.264, or an ogg video file.
You have the same type of restriction when selecting a list of songs. Firefox and Opera support
only ogg files, but my current Chrome version supports still mp3 in addition to ogg.
You can also look at a list of pictures (jpeg, gif and png). Images are shown for 3 seconds.
You can pause it just clicking in the middle, click left or right of the image to go backward or forward.
You can write comments at the top of the page thus per category, then you can also insert comment per group of files like video, audio,..
Finally you have the opportunity to add comments per file.
Only the writer of a comment and the members of the "owner" category can delete a comment.
Without authentication, all users are considered as administrators, they can delete all comments.
You can insert emoticons at cursor position when writing a comment just selecting it in the list just above the text entry field. The emoticon is not shown
as an image in this pure text zone but like the index preceded by two "#" signs.
If you want you can write a "left to right" text with your server configured in a language using this direction, then switch the server to a "right to left" language for writing comments in the other direction. A comment takes the configured language of the server at the time it is written. The language of the server can be changed dynamically.
The comments defined in the "owner" category are written in all categories, together with the comments of that category. The owner can provide global information on what he is sharing without rewriting it in all categories.