Is it possible to perform a GET request between a site using HTTPS and another using HTTP?

https://i.stack.imgur.com/AlWYJ.png

I recently hosted my site on Shopify using HTTPS, and then I attempted to make a GET request via Angular to a site that uses HTTP.

Angular

<script type="text/javascript" src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.4.8/angular.min.js"></script>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<link href="https://fonts.googleapis.com/css?family=Roboto:400,900" rel="stylesheet">

<style type="text/css">
    div {
        font-family: 'Roboto', sans-serif;
    }

    p, a {
        font-size: 12px;
        font-family: 'Roboto', sans-serif;
    }

    .body-text-header-large {
        font-size: 1.5em;
        font-weight: 300;
        line-height: 2em;
        color: #42baf1;
        font-family: 'Roboto', sans-serif;
    }

    .company-name {
        font-weight: 900;
        font-family: 'Roboto', sans-serif;
    }

</style>


<div ng-app="myApp" ng-controller="myCtrl">
    <div class="container">


        <span class="body-text-header-large">DISTRIBUTORS</span>
        <p class="silver">Bioss Antibodies are sold worldwide. Find a distributor near you to order in your area!</p>



        <div ng-repeat="obj in data" >

            <div class="row">

                <!-- Country -->
                <div class="col-xs-4 text-center" >
                <p>{{obj.country}}</p>
                    <img src="data:image/png;base64,{{obj.flag}}" alt="" width="30px">
                </div>

                <!-- Main Info -->
                <div class="col-xs-4" >
                    <p class="company-name">{{obj.user.username}}</p>
                    <p>{{obj.distributor.phone_public}}</p>
                    <p>{{obj.user.email}}</p>
                    <a href="{{obj.distributor.url}}">{{obj.distributor.url}}</a></span> <span class="col span_2_of_6">
                </div>

                <!-- Logo -->
                <div class="col-xs-4 pull-right" >
                    <img src="data:image/png;base64,{{obj.logo}}" alt="" width="100px">
                </div>

            </div>

            <br><hr>


        </div>

    </div>
</div>

<script>

    "use strict";
    var app = angular.module('myApp', []);
    app.controller('myCtrl', function($scope, $http) {
        $http.get("http://d.biossusa.com/api/distributor?key=*******")
        .then(function(response) {
            var data = response.data;

            var array = $.map(data, function(value) {
                return [value];
            });

            console.log(typeof(array));
            console.log(array.length);
            console.log(array);

            try {
              $scope.data = array;
          } catch (error) {
              console.log('its not json');
          }
      });
    });

</script>

Result locally

It works perfectly fine on the local server.

https://i.stack.imgur.com/7HPfY.png

However, I encountered an issue where I kept getting:

Refused to connect to '******' because it violates the following Content Security Policy directive: "connect-src 'self' https://* wss://*".

https://i.stack.imgur.com/7HPfY.png

Converting my API site from HTTP to HTTPS seems costly. Is there any workaround for this issue?

Are there alternative solutions available?

Could using certain frameworks or APIs help avoid this error?

javascriptangularjshttphttps

Answer №1

Switching a URL from HTTP to HTTPS can trigger the same origin policy, causing your request to be blocked. The browser interprets the change in protocol as coming from a different origin.

To overcome this, you can utilize CORS for enabling cross-origin HTTP-Requests. Implementing CORS permits sending requests between HTTP and HTTPS. Refer to this informative guide for a comprehensive overview of using CORS.

Ensure that you authorize cross-domain requests by including Access-Control-Allow-Origin: * in your response header. This setup is typically done on the backend application (serverside). However, note that:

Keep in mind that CORS/AJAX requests may encounter issues when calling a URL from HTTPS to HTTP due to browser security protocols. Review the w3c access control security guidelines which state:

In certain cases, user agents are permitted to terminate the algorithm and not proceed with the request, as outlined in the cross-origin request algorithm and redirect steps algorithm. This could be due to reasons such as:

  • The resource's origin being blacklisted.

  • The resource’s origin belonging to an intranet.

  • The provided URL not being supported. -https to http transitions are restricted.

  • SSL certificate errors preventing https connections.

Answer №2

Due to the CORS policy restrictions, calling from an HTTP URL to an HTTPS URL is not allowed, which was causing me a similar issue. To resolve this problem, I decided to switch my website from HTTP to HTTPS by using [

If you are facing a similar issue, consider converting your HTTP website to HTTPS as a solution.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Proceed to the section with modal

My goal is to create a modal with 4 sections, each loading its content dynamically using the .load() function to the container on the right side. The challenge I'm facing is that I have a footer menu that triggers the modal to open, and I need it to ...

javascriptjqueryhtmlcssajax

Listen up, Javascript keyboard input recorder

I am aiming for the search bar to pop up when you type. The code below is functioning, but I am facing an issue where the search bar pops up even when typing in a different input field, such as the comment input. Is it feasible for the search bar not to ...

javascriptjqueryhtmlcss

Every time I launch my express application, I encounter this error message

Encountering a type error with Express Router middleware. See below for the code snippets and error details. Any assistance is appreciated? The application is functioning properly, but when attempting to access the URL in the browser, the following error ...

javascriptnode.jsexpressejs

Turn off HTML display for Internet Explorer users

I am looking to implement code that will block certain pages for Internet Explorer users, making it accessible only for Google Chrome and Firefox users. Do you have any suggestions on how I can achieve this or if there are existing solutions available? I& ...

javascriptphphtmlbrowserweb

Invoke the express function on the client using the callable method

When I'm listening on a local port with my browser, the following method will return Hello world. //Node app.get('/', (req,res)=>{ res.send('Hello world') }); I've successfully exported the app as a ca ...

javascriptfirebaseexpressgoogle-cloud-functions

When using express and passport-local, the function `req.isAuthenticated()` will typically return a

I'm seeking some insight into my current situation. I've noticed that whenever I call req.isAuthenticated() in an app.router endpoint, running on port 3001 via the fetch API, it always returns false. It seems like the connect.sid is not being pro ...

javascriptreactjsexpresspassport.jspassport-local

Monitoring the progress of file uploads within itemView

In the process of developing an application using Marionette/Backbone, I have successfully implemented file uploads over an AJAX call. Now, I am looking for a way to provide users with feedback on when they can select the uploaded file and proceed with mod ...

javascriptajaxbackbone.jsmarionette

Loading Datatables using PHP to send JSON data

I seem to be facing some difficulty in troubleshooting the issue within my code. Currently, I am working on a search script and would like to display the results using Datatables. I have a search form that sends data to my PHP file which then returns a JS ...

javascriptphpjqueryjsondatatables

When you access the `selectedIndex` property in JavaScript, it will return an object of type `HTMLSelect

I am currently working on a piece of code that retrieves the value from dropdown list items and then displays it in the document. To proceed, please select a fruit and click the button: <select id="mySelect"> <option>Apple</option ...

javascriptdocument.writeselectedindex

Develop a JavaScript library for use in the npm ecosystem

I have developed a minimalist JavaScript library that includes common functions: !!window.JsUtils || (window.JsUtils = {}); JsUtils = (function () { "use strict"; return { randomHex: function (len) { var maxlen = 8; ...

javascriptnode.jsnpmmodule

The value produced by the interval in Angular is not being displayed in the browser using double curly braces

I am attempting to display the changing value on the web page every second, but for some reason {{}} is not functioning correctly. However, when I use console.log, it does show the changing value. Here is an excerpt from my .ts code: randomValue: number; ...

javascriptangulartypescript

Issue with using bind(this) in ajax success function was encountered

In my development process, I utilize both react and jQuery. Below is a snippet of the code in question. Prior to mounting the react component, an ajax request is made to determine if the user is logged in. The intention is for the state to be set when a ...

javascriptjqueryajaxreactjs

How to refresh a specific component or page in Angular without causing the entire page to reload

Is there a way to make the selected file visible without having to reload the entire page? I want to find a cleaner method for displaying the uploaded document. public onFileSelected(event): void { console.log(this.fileId) const file = event.targe ...

javascriptangulartypescriptroutesangular2-routing

Tips for displaying diverse content in a DIV container when users click on various sections of an image

Apologies for the unclear title, but I'm struggling to explain my technical goal using jargon. The basic concept is this: there will be an image on the webpage, and when a user clicks on a specific area of the image, relevant information will appear ...

javascriptjqueryhtml

What is the process for uploading images in the backend of a Next.js API?

I am working with Next.js and an API. I need to be able to upload two files and include one text input field using the API backend. I have been struggling to find a solution for uploading files with different fields along with a single text input field in ...

javascriptnode.jsnext.js

Nightwatch.js feature not functioning properly in a 'closing' manner

I'm facing an issue where I need to execute a function at the beginning of my test before proceeding with the rest of the test steps. Here is the custom command I am using, named internalAdviceLinksHtml: const solr = require('solr-client') ...

javascriptfunctionseleniumselenium-webdrivernightwatch.js

Styling the file input type in AngularLearn how to customize the

I've come across numerous queries on how to style an input type file, but I'm struggling to implement it in an angular context. So, what is the best way to customize the appearance of an input type file within an angular application? Below is t ...

javascriptjqueryhtmlangularjs

Error: The index "id" is not defined

Hey there, I have been working on fetching data from a JSON URL located at this link. However, I seem to be encountering an error that I can't quite comprehend. If anyone has any insights or solutions, I would greatly appreciate the help. Thank you in ...

javascriptphpjsonlaravelhttp

Node.js offers a variety of routing options and URL endpoints

app.use('/api', require('./api')); app.use('/', require('./cms')); The initial path is designated for my public API, while the latter is intended for the CMS dashboard. However, the setup is flawed as localhost:80/a ...

javascriptnode.jsexpress

Utilizing NextJs req.query parameter in Prisma for advanced query filtering

Currently, I am delving into the world of NextJS and experimenting with sending requests to an API while passing a parameter that is then used by Prisma to query the database. In order to achieve this, I've created a new file located at /api/posts/[s ...

javascriptnext.jsquery-stringprisma