0

I'm using ASP.NET Core. I have configured a CDN for CSS and JS files.

This my code in the TagHelper in my HTML:

<script src="https://mycdn.azureedge.net/dist/web.bundle.js"
                asp-append-version="true"
                asp-fallback-src="~/dist/web.bundle.js"
                asp-fallback-test="window.jQuery">
</script>

My problem is that the redirect is done hover http and I need https.

This is the error in my browser:

Mixed Content: The page at 'https://www.myweb.com' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.myweb.com/dist/web.bundle.js'. This request has been blocked; the content must be served over HTTPS.

Another thing is that my CSS and JS is not appending the version param.

<script src="https://mycdn.azureedge.net/dist/web.bundle.js"></script>

Thanks!!

chemitaxis
  • 13,889
  • 17
  • 74
  • 125

1 Answers1

1

Don't encode the scheme when linking to external files on CDN.

Instead of src="https://mycdn.azureedge.net/dist/web.bundle.js" use src="//mycdn.azureedge.net/dist/web.bundle.js". Then the browser will use the current scheme, https or http depending on which one is used.

Edit:

Now that I am home I can also reply the second part of your question :P

As I suspected, the asp-append-version tag helper is only for relative urls, which makes sense. Using it for CDN makes little sense, because your application would have to download it every time to recalculate it's hashsum to add it to the url (the version is calculated based on the file contents and each time the file changes, the version changes and the browser is forced to fetch a new version).

You can see that on GitHub here. 

Uri uri;
if (Uri.TryCreate(resolvedPath, UriKind.Absolute, out uri) && !uri.IsFile)
{
    // Don't append version if the path is absolute.
    return path;
}
Tseng
  • 61,549
  • 15
  • 193
  • 205
  • mmm one second... :) – chemitaxis Jun 02 '16 at 13:56
  • Yes, now it working... but I have a problem with the version, it's not attached to the css and js files – chemitaxis Jun 02 '16 at 13:57
  • I've updated my answer after a look on the implementation of the attribute. Version only works for local files (=ones that use relative urls), not for absolute paths – Tseng Jun 02 '16 at 17:31
  • Where did you found it in the documentation? If the documentation really don't mention it, you may fill an issue on github so it may be improved in future: https://github.com/aspnet/Docs/issues – Tseng Jun 02 '16 at 18:03
  • 1
    Using asp-append-version on absolute URLs might make little sense based on the _implementation_, but ideally it would be great if it could append the version of the local fallback file to the absolute URL. This would be perfect for the CDN example above. – Paul May 24 '18 at 15:46