0

I adding an instant chat (like gmail chat) in my rails application and I am using private_pub and faye. The app seems to work so far, but users can only see messages after they refresh the page. I inspected the element and it shows that faye.js is being blocked. exact error is

Mixed Content: The page at 'https://....' was loaded over HTTPS, but requested an insecure script 'http://localhost:9292/faye.js'. This request has been blocked; the content must be served over HTTPS.

Has anyone exeperienced such an error and/or any idea how to work around this? See attached image for a screenshot of the error.enter image description here

Alex
  • 193
  • 1
  • 2
  • 12
  • can you post your JS part in application.html.erb it seems your website is build with https but this part alone has an explicit request via http. – coderhs May 24 '16 at 08:21
  • @Coderhs This is the JS part of application.html.erb `<%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true %> <%= javascript_include_tag 'application', 'https://js.stripe.com/v2/', 'data-turbolinks-track' => true %> <%= csrf_meta_tags %> <%= tag :meta, name: "stripe-key", content: STRIPE_PUBLIC %>` – Alex May 24 '16 at 15:39

1 Answers1

0

It's a browser behaviour in the interest of security.

HTTPS pages are blocked from loading non-HTTPS resources like Javascript, images and CSS files and will show you that error.

If you must load your page over HTTPS, ensure all resources must also be in HTTPS.

Ianthe the Duke of Nukem
  • 1,721
  • 2
  • 20
  • 37
  • Thanks for the tip. I am using cloud9 for development. But by default, the gem serves faye.js via localhost url, so I was just wondering if anyone has had this experience and could suggest another walk-around. – Alex May 24 '16 at 15:42
  • All good. If you're just doing dev, you could switch your main app to HTTP. – Ianthe the Duke of Nukem May 26 '16 at 06:38