vikunja
/
vikunja
6
43
Fork 71
Code Issues 150 Pull Requests 16 Packages Releases 32 Activity

requested an insecure XMLHttpRequest endpoint #1366

New Issue
Closed
opened 2023-01-23 10:05:12 +00:00 by devdev · 2 comments
devdev commented 2023-01-23 10:05:12 +00:00
Copy Link

Description

Hello,
After an upgrade has been done from 0.18.1 to 0.20.1, it shoot an error during "logout" of vikunja user account.

The error message is:

Mixed Content: The page at
'https://site_link/with_token'
was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint
'http://site_link/api/v1/info'.
This request has been blocked; the content must be served over HTTPS.

NOTE: In my vikunja application, i used openid authentification. And it seems all ok in my config.yml

Vikunja Frontend Version

0.20.1

Vikunja API Version

0.20.1

Browser and version

Chrome est à jour Version 109.0.5414.75 (Build officiel) (64 bits)

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

Error Message:
Mixed Content: The page at
'https://site_link/with_token'
was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint
'http://site_link/api/v1/info'.
This request has been blocked; the content must be served over HTTPS.

### Description Hello, After an upgrade has been done from 0.18.1 to 0.20.1, it shoot an error during "logout" of vikunja user account. The error message is: > Mixed Content: The page at > 'https://site_link/with_token' > was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint > 'http://site_link/api/v1/info'. > This request has been blocked; the content must be served over HTTPS. NOTE: In my vikunja application, i used openid authentification. And it seems all ok in my config.yml ### Vikunja Frontend Version 0.20.1 ### Vikunja API Version 0.20.1 ### Browser and version Chrome est à jour Version 109.0.5414.75 (Build officiel) (64 bits) ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots Error Message: Mixed Content: The page at 'https://site_link/with_token' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://site_link/api/v1/info'. This request has been blocked; the content must be served over HTTPS.
devdev added the
kind/bug
 label 2023-01-23 10:05:12 +00:00
konrad commented 2023-01-24 21:49:24 +00:00
Owner
Copy Link

This probably happens because the frontend tries to find the correct api url. What did you configure as API?

This probably happens because the frontend tries to find the correct api url. What did you configure as API?
konrad commented 2023-02-13 11:04:44 +00:00
Owner
Copy Link

Closing due to inactivity, please ping if this is still relevant.

Closing due to inactivity, please ping if this is still relevant.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
renovate/sentry-javascript-monorepo
renovate/camel-case-5.x
renovate/go-1.x
renovate/lowlight-3.x
renovate/golang.org-x-sync-0.x
renovate/major-dev-dependencies
renovate/github.com-wneessen-go-mail-0.x
renovate/golangci-golangci-lint-1.x
feature/better-filter-syntax
fix/tiptap-task-list
renovate/flexsearch-0.x
feature/zod-schema
renovate/github.com-typesense-typesense-go-1.x
renovate/github.com-golang-jwt-jwt-v4-5.x
automatic-year-range-for-go-header-template
feature/hide-forbidden-related-tasks
renovate/golang-1.x
release/0.20
release/0.17
release/0.16
release/0.15
release/0.14
release/0.13
v0.23.0
v0.22.1
v0.22.0
v0.21.0
v0.20.4
v0.20.3
v0.20.2
v0.20.1
v0.20.0
v0.19.2
v0.19.1
v0.19.0
v0.18.1
v0.18.0
v0.17.1
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.1
v0.13
v0.12
v0.11
v0.10
v0.9
v0.8
v0.7
v0.6
v0.5
v0.4
v0.3
v0.2
v0.1
Labels
Clear labels   
dependencies

   
duplicate

This issue or pull request already exists

  
help wanted

Need some help

  
invalid

Something is wrong

  
kind/bug

Something is not working

  
kind/feature

New feature

  
needs reproduction

   
question

More information is needed

  
security

   
wontfix

This won't be fixed

No Label
dependencies
duplicate
help wanted
invalid
kind/bug
kind/feature
needs reproduction
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: vikunja/vikunja#1366
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?