mixed-content

How can I get around “mixed active content” highcharts exporting error?

徘徊边缘 提交于 2019-12-11 01:06:54
问题 It appears you cannot use Exporting with https, because of "mixed active content" error. Blocked loading mixed active content "http://export.highcharts.com/" You can see this problem by viewing one of the Highmaps demos: This (http) works: http://jsfiddle.net/gh/get/jquery/1.9.1/highslide-software/highcharts.com/tree/master/samples/maps/demo/distribution/ This (https) doesn't: https://jsfiddle.net/gh/get/jquery/1.9.1/highslide-software/highcharts.com/tree/master/samples/maps/demo/distribution

Mixed content issue - insecure XMLHttpRequest endpoint

混江龙づ霸主 提交于 2019-12-10 11:39:51
问题 I am facing Mixed content issue when i browse my site in HTTPS. I am calling API from jQuery, and I haven't mentioned the protocol, so assuming browser should pick the same protocol with site browsed (http or https). My jquery code looks like below: $.get("/api/Product/GetMore", { pageIndex: currentPage }) .done(function(result) { ..... It works fine (able to get the result from API call) when browsed the site in http and do the required action to get the result. But when I browsed the site

XHR response blocked by Chrome, because of mixed content issue (http/https)

蹲街弑〆低调 提交于 2019-12-08 16:55:26
问题 I'm currently using jQuery AJAX to GET a relative URL, without scheme/domain in front of it (e.g. '/js/get_international_popup/'. The response is also a relative URL when I view my location header before I return it. When I test this locally, over HTTP, everything works as it should. However, once I test it on my live server, over HTTPS the response is blocked by Chrome, because it says it's insecure: Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an

How to fix “Mixed Content:” error when making API calls to elasticsearch from react

大城市里の小女人 提交于 2019-12-08 06:57:02
问题 I am using the bitnami version of elasticsearch from firebase. I found out that it only connects to http and not https when i tried it using postman. My create-react-app is deployed to firebase and I am getting Mixed Content: error when I try to fetch data using the axios library. Here id my code: import axios from 'axios'; axios.get('http://xx.xxx.xx.xxx//elasticsearch/tasks/task/_search?default_operator=AND&q=*', { httpsAgent: agent, method: 'get', headers: { // 'Content-Type': 'application

Block all mixed content

喜欢而已 提交于 2019-12-06 03:26:26
问题 How do I completely prevent any mixed content from loading? Current browsers are already blocking active mixed content (scripts). What I really want is to block all of it including images. Purpose of this is to immediately see every offending image or file as broken, but not as an ambiguous warning in the address bar. Is there a cross-browser way to do that? 回答1: The standard way to strictly block all mixed content: block-all-mixed-content CSP directive. In the simplest case if you’re not

Got “Blocked loading mixed active content” on HTTP website

可紊 提交于 2019-12-04 17:11:08
问题 Problem I'm developing a website served using HTTP protocol. In development I use Webpack with it's webpack-dev-server, which serves the page locally on http://localhost:9090 . I was surprised to see in Firefox 58 console the following mixed content error about loading the font file. It's weird to me, cause the page is served using HTTP not HTTPS and I thought mixed content errors are limited only to HTTPS pages. `Blocked loading mixed active content “http://localhost:9090

How to get Latest Chrome (Version 55) to allow mixed content?

折月煮酒 提交于 2019-12-04 07:37:04
I have a chrome extension that communicates using HTTP in development and HTTPS in production. I run it from webpages that use HTTPS. When I use this extension in my development mode I get the following error. Mixed Content: The page at ' https://somesite.com ' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ' http://david-sniper.local:3001/api/end-point '. This content should also be served over HTTPS. In the past I have been able to resolve this error by going reading this post how-to-get-chrome-to-allow-mixed-content There are two solutiions in this post. "C:

HTTPS iframe inside a HTTPS page not working

流过昼夜 提交于 2019-12-03 16:53:50
问题 How can we use github pages embedded in an iframe correctly? I've hosted a website in firebase and it is using a custom domain over https, for example, https://www.example.com . This website uses react and other things, but for one route (the landing page one) I would like to use a static page hosted on github, for example https://example.github.io/page . So, to achieve this I've created an iframe inside the route https://www.example.com/page . The problem is I've been receiving the following

Forcing AJAX call to be HTTPS from HTTPS Page

一世执手 提交于 2019-12-03 11:23:58
Currently making an AJAX call from a HTTPS jsp to call in data from another jsp page. We are however getting a Mixed content issue: Mixed Content: The page at ' https://etc/ ' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ' http://etc/path/to/other/page.jsp '. This request has been blocked; the content must be served over HTTPS. How do you force an AJAX call to call over HTTPS? The AJAX call looks like the following: var url = "/path/to/other/page.jsp"; $.ajax({ type: "POST", url: url, data: {data: data}, dataType: "html", timeout: 4000, success: function(html) { /*

Possible to allow HTTP requests from HTTPS website?

一笑奈何 提交于 2019-12-01 08:20:14
I have installed a (non wildcard) SSL certificate so my website can use HTTPS. When I try to request resources from HTTP urls I get error-message like: Mixed Content: The page at ' https://example.com/ ' was loaded over HTTPS, but requested an insecure stylesheet ' http://resources.example.com/style.css '. This request has been blocked; the content must be served over HTTPS. I get that it probably is a bad practice according to all kinds of opinions people might have when it comes to mix http and https, but I only ask for static resources that I don't regard as critical over http. Tried to
订阅 mixed-content