0

As title. The system I'm developing is at https://A.com/ . I need to open a new window at http://A.com/mth and pass a parameters (an array of strings, already joined with commas like K1,K2,K3,...,Kn),just the same as opening a new window shows http://B.com/mth?keys=K1,K2,K3,...,Kn . But I can't pass by query string because it may make the url too long.

I use the post method at the form with my parameter in it by the way just like Window.open and pass parameters by post method

HTML:

<form id="form1" action="http://A.com/mth" target="_blank">
<input type="hidden" name="keys" id="iptkey" />
</form>

And then, JS about POST....

var f=document.getElementById("form1");
f.keys.value=keys.join(",");
f.submit();

I failed when I saw a message: "The page at https://A.com was loaded over a secure connection, but contains a form that targets an insecure endpoints http://A.com/mth......." How could I use JavaScript to achieve my goal and solve this problem?

Gary Lu
  • 53
  • 1
  • 2
  • 11
  • Why do you need to downgrade from HTTPS to HTTP? Especially when according to your description, this stays underneath the same domain? (Or does it not?) – CBroe May 08 '20 at 08:44
  • Sorry, that is at the customer's site, I can only just follow. – Gary Lu May 08 '20 at 09:04
  • 1
    Well, then your customer probably has to just live with the fact, that current browsers take the security of their user’s data more serious, than they themselves do. – CBroe May 08 '20 at 09:10

1 Answers1

1

You cannot make a HTTP request while using the HTTPS protocol.

This is because of the Same Origin Policy.

Same-Origin Policy restricts you from interacting with other sources with different port, host, or protocol.

Here HTTP and HTTPS are two different protocols and hence you cannot perform the request.

Adarsh C
  • 118
  • 4