evroon
CORS
this is the error via firefox and doesnt let me in the log in page.
Blocked loading mixed active content “http://bracket-backend:8400/token”
which is odd since I have the backend CORS Origin set to https://bracketapi.example.com.
this is the error via edge and lets me see the pages but no interactions work.
Mixed Content: The page at 'https://bracket.example.com/clubs' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://bracket-backend:8400/clubs'. This request has been blocked; the content must be served over HTTPS.
any help would be nice and i have a few days to help work through this. thanks.
The cors domain should be the address of the frontend, not the backend, so https://bracket.example.com instead of bracketapi.example.com, see the docs for more info about this.
This error occurs because a request is being sent from a secure server (HTTPS) to a backend that uses HTTP. That's why the error is appearing. Please correct this so that both servers use HTTPS. example
services:
bracket-frontend:
image: ghcr.io/evroon/bracket-frontend
container_name: bracket-frontend
ports:
- "3000:3000"
environment:
NODE_ENV: "production"
NEXT_PUBLIC_API_BASE_URL: "https://yoursite.com:8400"
NEXT_PUBLIC_HCAPTCHA_SITE_KEY: "10000000-ffff-ffff-ffff-000000000001"
restart: unless-stopped
bracket-backend:
image: ghcr.io/evroon/bracket-backend
container_name: bracket-backend
ports:
- "8400:8400"
environment:
ENVIRONMENT: "PRODUCTION"
PG_DSN: "postgresql://bracket_prod:bracket_prod@postgres:5432/bracket_prod"
CORS_ORIGINS: https://yoursite.com
JWT_SECRET: "-write here---openssl rand -hex 32--------"
ADMIN_EMAIL: "[email protected]"
ADMIN_PASSWORD: "youpasswordadmin"
volumes:
- ./backend/static:/app/static
restart: unless-stopped
depends_on:
- postgres
postgres:
image: postgres
restart: always
environment:
POSTGRES_DB: bracket_prod
POSTGRES_USER: bracket_prod
POSTGRES_PASSWORD: bracket_prod
volumes:
- ./postgres:/var/lib/postgresql
