How to deny / reject Upgrade-Insecure-Requests and keep HTTP

Asked Apr 14 '21 at 14:01

Active Apr 14 '21 at 14:01

Viewed 1,936 times

I am working on a web application that is hosted in the internet, but shall be able to use a REST API provided by a local HTTP-printserver.

The problem is, that when the application is accessed via HTTPS, all my XmlHttpRequest to the local HTTP-printserver are blocked (because of security mechanisms of the browser). Therefore my "solution" is to use plain HTTP for the web application.

However, whenever I open the site in my browser - explicitly with http (e.g. http://mysite.de/app/index.html) the browser sends an "Upgrade-Insecure-Requests" which is accepted by the webserver and they switch over to HTTPS.

Is there a way how to deny/reject the upgrade to HTTPS?

Ideally by .htaccess
Ideally only for index.html in the app folder

asked Apr 14 '21 at 14:01

minlux

1

did you try to change your browser settings to "Don’t enable HTTPS-Only Mode"? – Lety Apr 14 '21 at 14:06
Can’t you set up a “proxy” script on the server side, so that you make your AJAX requests to that script via HTTPS - and then from there, it makes the HTTP request to the printer? – CBroe Apr 15 '21 at 07:45

How to deny / reject Upgrade-Insecure-Requests and keep HTTP

0 Answers0