Widget fails if run from an HTTPS origin

[pkgw]

The pywwt demo notebook is currently failing on mybinder.org. There is one problem relating to a bug in the Jupyter libraries (see here) but another seems to be yet another incarnation of the longstanding problem that the WWT servers don't support SSL.

In particular, the SDK currently generates a lot of URLs of the form of '//worldwidetelescope.org/wwtweb/.... So if you are running pywwt from an HTTPS origin, you'll get SSL URLs, and those won't work.

As I understand it, the SDK used to specify 'http://worldwidetelescope.org/wwtweb/...' URLs, but the protocol specification was removed in the first attempt to SSL-ify things. The SSL effort was realized to have problems, but the SDK wasn't changed back.

I'd like to get mybinder working again, so I'm proposing to temporarily hack the SDK that's hosted at https://worldwidetelescope.github.io/pywwt/wwtsdk.js. The WWT resource files all seem to be marked with wholly-open CORS headers, so I believe that if we force HTTP in the SDK, browsers won't complain.

This should be fixed for real, but I hope such a hack will get mybinder working again for AAS, and AFAICT it can easily be reverted: just undo the hack on the gh-pages branch of this repo and re-push to bring the SDK back to what it used to be.

CC @astrofrog .