3

I deployed a website that contained an API that was not working.

In console, it shows some errors. but the site was working properly on my localhost.

Error: Mixed Content: The page at 'index.html' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ---"URL". This request has been blocked; the content must be served over HTTPS.

Harshil Sharma
  • 101
  • 1
  • 2
  • 8
  • 1
    Does this answer your question? [How to make XMLHttpRequest work over HTTPS on google chrome?](https://stackoverflow.com/questions/14607218/how-to-make-xmlhttprequest-work-over-https-on-google-chrome) – Laurel Sep 26 '21 at 23:52

1 Answers1

5

This means that you accessed your website using HTTPS, but when you XMLHttpRequest, you're using HTTP in that code. It would be helpful to see that code. If you're using XMLHttpRequest like this: http://example.com/, change it to: https://example.com/. This error means you need to use all HTTPS or all HTTP.

Edit: According to another StackOverflow post, you should actually leave out the http/https completely: //example.com/

TheBoyne
  • 127
  • 8
  • Please mark it as accepted answer then! :) – TheBoyne Sep 27 '21 at 00:27
  • 1
    Add `` to the html file, this would solve the issue. You can read more on [Mozilla Develop Doc][1] [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests – Balogun Ridwan Ridbay Feb 28 '23 at 17:35