1

my website runs on https , my chat server is on another domain which doesnt have https and i have to connect my website to chat server by loading socket.io from chat server 

<script src="http://chetserver.com/socket.io/socket.io.js"></script>

but of curse i get

Mixed Content: The page at 'https://www.example.com/chat' was loaded over HTTPS, but requested an insecure script 'http://chetserver.com/socket.io/socket.io.js'. This request has been blocked; the content must be served over HTTPS.

im probabely going to move chat server on https as well but , is there anyway to allow mixed content only from chetserver.com using utaccess (or any other method )?

hretic
  • 999
  • 9
  • 36
  • 78
  • See this Q&A also https://stackoverflow.com/questions/37043719/how-can-i-allow-mixed-contents-http-with-https-using-content-security-policy-m - I think that that is what you're probably looking to use. – Funk Forty Niner Oct 21 '18 at 19:28
  • @FunkFortyNiner thanx , but i want to load resources from http into https domain ... its not about detect protocol if i put `src=//chetserver.com` it'll change to `src=https://chetserver.com` which wont work bcuz `chetserver.com` doesn't have https – hretic Oct 21 '18 at 19:29
  • Welcome. I added another comment/link; did you see that one also? – Funk Forty Niner Oct 21 '18 at 19:29
  • @FunkFortyNiner thanx second link is apparently my answer ... which is i cant do that ! – hretic Oct 21 '18 at 19:31
  • you can't use `` ? – Funk Forty Niner Oct 21 '18 at 19:32
  • @FunkFortyNiner that meta will convert http to https, which wont work because the target server doesn't support https – Irfandi D. Vendy Mar 05 '20 at 05:11

0 Answers0