Mixed content issue - insecure XMLHttpRequest endpoint

1
votes

I am facing Mixed content issue when i browse my site in HTTPS. I am calling API from jQuery, and I haven't mentioned the protocol, so assuming browser should pick the same protocol with site browsed (http or https). My jquery code looks like below:

$.get("/api/Product/GetMore", { pageIndex: currentPage })
    .done(function(result) {
    .....

It works fine (able to get the result from API call) when browsed the site in http and do the required action to get the result. But when I browsed the site and try to get the result in https, i am getting below error in browser console. Same thing happens even if i hard-code the complete API url with https protocol. Mixed Content: The page at 'https:///product' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http:///api/product/getmore?pageIndex=1'. This request has been blocked; the content must be served over HTTPS.

XHR failed loading: GET "https:///api/Product/GetMore?pageIndex=1".

Please let me know if you have any solution.

Thanks, Sharath

1
jqueryasp.net-web-apimixed-content
Your API URL is either redirecting to a http location or, the data sent by the API contains unsafe resource URL(s), that is my 2 cents.Eduardo Escobar
Hi Eduardo,I verified the API URL it s not redirecting. If I browse the API URL (ex: mysite/api/Product/GetMore?pageIndex=1), i can get the result (able to get the result in https, or https protocol) and the results contains valid URLs. Is there anything in the IIS where it is considering the relative URL with default http protocol?Sharath

1 Answers

0
votes

in order to work you need to specify index.php so it knows which function it is calling. Because this is similar to cUrl call it requires full path. And to let call to decide which protocol it is on, you need double slashes at the beginning. So try this:

$.get("//api/Product/GetMore/index.php", { pageIndex: currentPage })

OR

$.get("//api/Product/GetMore/", { pageIndex: currentPage })

Fixed my issues in the past.