I have worked IIS site which has worked in HTTPS. Something break and now when i try to get it in https site looks like that without CSS styles. I see in source and CSS and JS files try to open as http (which get 404 error when I try to open it), but when i try to open it via https everything work. How to "force" these to open these files via https? URL rewrite rule, but how?
Thanks for help
This what you experiencing is "mixed content blocking". It occures when you reach website via https but some elements are via http.
To resolve the problem you should configure http to https redirection.
You can find 'how to' here: https://www.ssl.com/how-to/redirect-http-to-https-with-windows-iis-10/
Also make sure that you don't hardcoded links to application elements via http in app code (if yes then change to https).
Problem: CSS was being applied to the site but after switching to reverse proxy and adding a security cert while changing nothing else, the CSS no longer loads.
Details: Initially the website was using keter only with no security cert or reverse proxy. The site worked fine as intended. The yesod-devel command correctly renders the site. Once compiled, the styling does not appear on the final site. Before the switch to reverse proxy, everything worked as desired. No other changes were made except to config files related to the reverse proxy and security cert.
Dependencies: The dependencies are at this https://gist.github.com/xave/9cdf396c1918c129aff927ab8999d456.
Workflow: The main dev machine is macOS. The server is Ubuntu. The workflow is to develop and preview on macOS, then to compile and deploy on Ubuntu.
Thoughts:All the CSS is on the page upon inspection. It just isn’t applying. This is true for multiple browsers and even for people who had never before visited the site (so not a caching issue).
Any help would be appreciated and please let me know if you need additional information.
I have deployed my nodejs based react application to digital ocean also i have used the cloudflare for ssl and dns hosting. My project has using google workbox and lru-cache. I have made nginx settings in the digitalocean ubuntu droplet.
Everything oke except the .jpg,.jpeg product images doesnt loading browser and giving me this error
iam showing in chrome like that
i will solve this error but i couldnt understand interesting with what
After some searching i concern about where is my image files in ubuntu and it has right permission to seen (chod x +R) for internet public users. Can they read my files. But i have suppresed with there is no any file in that directory. Couse ubuntu doesnt give me my process to write permisson when i uploading my jpg files with fs.sysnc
Edited:
After i seen that is interested with nginx settings which has looking another directory, i have corrected that and everything worked out!
When I load http://localhost:3000 in Safari, Safari automatically redirects to https://localhost:3000. How can I disable this functionality?
I went into ~/Library/Cookies/HSTS.plist and removed the localhost entry, then restarted Safari but it just re-added it to that plist file and redirected to https.
Any ideas how to fix this so that on localhost I have to explicitly say http or https?
I was able to solve this based on an answer from Ask Different.
In short, closing Safari, then running the commands below, worked.
sudo killall nsurlstoraged
rm -f ~/Library/Cookies/HSTS.plist
launchctl start /System/Library/LaunchAgents/com.apple.nsurlstoraged.plist
Restarting Safari after running that and trying to go to http://localhost:3000 solved the problem and did not redirect to to https.
Hopefully this helps someone fix this problem.
In Safari 13.0.5, deleting website data for localhost (Safari > Preferences > Privacy > Manage Website Data...) solves the problem.
This also happens if the Content Security Policy "upgrade-insecure-requests" is set. There is an open issue here: https://github.com/github/secure_headers/issues/348
You can try
deleting website data for localhost (Safari > Preferences > Privacy > Manage Website Data...)
After that close browser and try it.
If cannot you can try make different port 80 after back port 80 for localhost
After following the fix by Charlie with no luck, what worked for me was running a private window. and after a restart, everything seemed fine on both private and public tabs.
It's possible to use http://127.0.0.1:3000 instead. Or your local computer name.
For example: http://andis-mac-5.local:3000.
You can determine the local computer name from system preferences - Share - Edit:
First of all lets confirm why it is going to HTTPS.
In Developer Tools is it showing a 301 or 302 redirect?
If so it's your web server saying to go to HTTPS. Fix your web server config.
Or is it a 307 redirect which indicates HSTS?
To be perfectly honest I'm not sure if Safari shows this as a 307 (a fake internal redirect to represent HSTS), so it might just go there without showing this, but Chrome does show this.
If so, then deleting that file and restarting should solve that. However can you confirm if the HTTPS site is returning a strict-transport-security HTTP Header? If so then it will just set that next time you happen to go to HTTPS (including if your page loads and image over HTTPS). Can you remove that header? Or better yet, publish it with a max-age of 0 so it removes it from the HSTS browser cache without having to figure out which file it's in or if Safari have moved it from ~/Library/Cookies/HSTS.plist
We just added our website to CloudFlare and everything runs smoothly till now.
When I'm trying to access a pdf file using the absolute path cloudflare returns error 520, this used to work before cloudflare
does anyone know what can break this?
any nginx tweaks needed?
The "520" error is not a standard status code.
You can troubleshooting the issue with cloudflare support, check here:
https://support.cloudflare.com/hc/en-us/articles/200171936-Error-520-Web-server-is-returning-an-unknown-error