Mixed Content , but requested an insecure XMLHttpRequest endpoint

[scenaristeur]

I want to use EyeServer from my webApp https://spoggy0.firebaseapp.com/ ( clic the "cat" icon to toggle to the chat/graph page, then clic on "..." icon to open "Eye reasoner" panel)

Then clicking on "Execute Eye" , the app send this data :

data=@prefix : <ppl#>.
 
:Spoggy :type :WebApp.
:Spoggy :developpeur :David.
:David :connait :Bob.
:Spoggy :hasPart :Graph.

&data=@prefix : <ppl#>.
         { ?a :connait ?b }
 =>
         { ?b :connait ?a .
           ?a :type :Personne.
           ?b :type :Personne}.

          {?c :developpeur ?d}
          =>
          {?d :type :Developpeur}.

          &query={ ?a ?b ?c. } => { ?a ?b ?c. }.

to the eye endpoint : http://eye.restdesc.org/

but i got this error message :

iron-request.html:331 Mixed Content: The page at 'https://spoggy0.firebaseapp.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://eye.restdesc.org/'. This request has been blocked; the content must be served over HTTPS.

It seems that the problem could be resolve, if the endpoint server could provide "https" instead that "http" as describe here https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content/How_to_fix_website_with_mixed_content.

Could you migrate to https or do I have to find another solution. ? NB : (my code works correctly on localhost) (don't be afraid with the error : "GET https://spoggy0.firebaseapp.com/socket.io/?EIO=3&transport=polling&t=L-TLMwH 404 ()" , this is another problem (firebase don't accept socket.io ;-\ )

[RubenVerborgh]

We'll indeed need to migrate to HTTPS. Unfortunately, the service is currently running on an old server, for which the usual solutions (Let's Encrypt) are not that straightforward.

I'll investigate moving this. In the meantime, you could look for an HTTPS proxy or set one up at firebaseapp.com.

[RubenVerborgh]

@joachimvh Need to think about HTTPS as well for the new server.