Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint '<URL>'. This request has been blocked; the content must be served over HTTPS.
See original GitHub issueHello, my socket client page (client.html) wors when my domain did not have a ssl. but if I installed ssl with Let’s Encrypt on plesk (windows) when the client.html does not work. Error code : Mixed Content: The page at ‘<URL>’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘<URL>’. This request has been blocked; the content must be served over HTTPS.
what should I do ?
javascript code:
var socket = io('http://socket.domain.com:2020');
… SHORTLY : No SSL http://socket.domain.com/client.html
var socket = io('http://socket.domain.com:2020');
it is work
Domain has a SSL ( Let’s Encrypt ) http(s)😕/socket.domain.com/client.html
var socket = io('http://socket.domain.com:2020');
it is not work
Issue Analytics
- State:
- Created 4 years ago
- Comments:10 (2 by maintainers)
Top Results From Across the Web
"Mixed content blocked" when running an HTTP AJAX ...
Mixed Content : The page at 'https://page.com' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://XX.XXX.XX.XXX/vicidial/ ...
Read more >How to fix a website with blocked mixed content - Web security
If your website delivers HTTPS pages, all active mixed content delivered via HTTP on this pages will be blocked by default.
Read more >Fixing mixed content - web.dev
If your site is published using a content management system, it is possible that links to insecure URLs are inserted when pages are...
Read more >the content must be served over HTTPS' error in Chrome
There is a error like, "This request has been blocked; the content must be served over HTTPS" in the Console on Chrome developer...
Read more >How to Quickly Fix Mixed Content Warnings (HTTPS/SSL)
Mixed content warnings are common after an HTTPS migration or adding a ... request has been blocked; the content must be served over...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I had a similar issue making a request to an endpoint in JS, I solved the error by adding the meta tag below… I found it on stack overflow
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests" />
I hope it helps 😃I recommend using a Nginx reverse proxy to have the port accessible from a url path, and then have the base domain covered by a HTTPS certificate. Essentially, socket.domain.com:80 is the reverse proxy and directs the requests to :2020.