1

Am not getting the expected results through my browser because of This request has been blocked; the content must be served over HTTPS.

I have tried adding this

{% block head %}
{{super()}}
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
{% endblock %}

Which has worked for other people

'https://matic.herokuapp.com/' was loaded over HTTPS, but requested an
insecure XMLHttpRequest endpoint
'http://matic.herokuapp.com/status/9092ba37-591e-4e73-b9e3-0ad9bef26cb1'.
This request has been blocked; the content must be served over HTTPS.
David Buck
  • 3,752
  • 35
  • 31
  • 35
masete
  • 39
  • 7
  • Hey,.... my question was not clear enough, i meant to ask how to solve mixed content blocked, because of the http urls which are blocked by browsers and not https urls. But this thread helped me alot https://github.com/pallets/flask/issues/1129 – masete Oct 29 '19 at 05:43

1 Answers1

1

This would mean that you're dynamically generating an http url instead of https. When I looked at your code, you're using

return jsonify(
       {}), 202, {
       'Location': url_for(
            'taskstatus', task_id=task.id)}`

to create a dynamic url. Can you update this to

return jsonify(
       {}), 202, {
       'Location': url_for(
           'taskstatus', task_id=task.id, _external=True, _scheme='https')}`

and respond with the result. Not the difference in url_for

David Buck
  • 3,752
  • 35
  • 31
  • 35
Reio Santos
  • 58
  • 1
  • 7