Mixed Content error when making ajax call to Flask

Question

I'm trying to make an ajax call using jQuery from a https page

javascript

var load = function (param1, param2) {
    return $.getJSON("https://www.domian.com/thing/" + param1 + "/" + param2 + "/", function (data) {
        // do stuff
    })
}

flask endpoint

@app.route('/thing/<param1>/<param2>/')
def load(param1, param2):
    thing = get_thing(param1,param2)
    if thing:
        return jsonify(thing)
return jsonify(error="thing not found.")

I've tried adding

@app.after_request
def after_request(response):
    response.headers.add('Access-Control-Allow-Origin', '*')
    return response

I've also tried various different urls eg : thing/ + blah, adding/removing slashes to no avail

I'm also using Flask-SSLify

This is the error in Chrome :

Mixed Content: The page at 'https://www.domain.com/blah/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.domain.com/thing/param1/param2/'. This request has been blocked; the content must be served over HTTPS.

Anyone had similar issues?

Manwal Manwal · Accepted Answer · 2015-09-01T09:51:37

Don't return complete $.getJSON, Instead of this try to return response:

var load = function (param1, param2) {
    $.getJSON("https://www.domian.com/thing/" + param1 + "/" + param2 + "/", function (data) {
        // do stuff
        return data;
    })
}

Mixed Content error when making ajax call to Flask

1 Answers