ngrok icon indicating copy to clipboard operation
ngrok copied to clipboard

Published 20 hours ago verified publisher icon inconshreveable

Mixed Content Error - Getting error while trying to load page.

Open agusdutra opened this issue 7 years ago • 5 comments

I'm developing an App using Ionic, so they bring this CLI to expose content on a local server, but it's not HTTPS. It's on localhost:8100

I was using ngrok to expose over HTTPS and get acces through mobile phones to the camera, mic, etc.

Until yesterday, it was working fine, but now I'm getting mixed content error. The page loads fine, but it's not a valid HTTPS, so when accessing through mobile phones, I can't access to camera, mic, etc.

My console shows these errors:

Mixed Content: The page at 'https://f88697ea.ngrok.io/' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://f88697ea.ngrok.io:53703/'. This request has been blocked; this endpoint must be available over WSS.

VM42:164 Uncaught DOMException: Failed to construct 'WebSocket': An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.
    at new WrappedWebSocket (<anonymous>:164:21)
    at new WrappedWebSocket (<anonymous>:164:21)
    at Object.openConnection (https://f88297ea.ngrok.io/__ion-dev-server/ion-dev.js?v=3.1.2:101:19)
    at Object.start (https://f88297ea.ngrok.io/__ion-dev-server/ion-dev.js?v=3.1.2:18:10)
    at https://f88297ea.ngrok.io/__ion-dev-server/ion-dev.js?v=3.1.2:467:16

I created the server on the command tool of ngrok using the command: ngrok.exe http 8100

agusdutra avatar Dec 04 '17 20:12 agusdutra

I am having same problem. Did you find any solution?

dearfog avatar Jun 02 '18 10:06 dearfog

Still facing the same issue

Ajamuar avatar May 29 '20 09:05 Ajamuar

any work around for this?

hafizSiddiq7675 avatar Aug 24 '22 17:08 hafizSiddiq7675

Just a workaround: Puted <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> on <head>. This allow your HTML to load mixed content (not recommended).

if anyone has a better solution please let me know.

arturfber avatar Dec 12 '22 15:12 arturfber

Just a workaround: Puted <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> on <head>. This allow your HTML to load mixed content (not recommended).

if anyone has a better solution please let me know.

This was helpful for while, but then I realized that this upgrades all of the requests to https: and if you try to debug your code in localhost, it won't work.

zsubzwary avatar Dec 11 '23 04:12 zsubzwary

Thank you for opening this issue! As of April 2016, the ngrok service has permanently moved to https://ngrok.com/. To join the community and file bug reports or feature enhancements for the ngrok agent, please go to https://github.com/ngrok/ngrok.

This repository is no longer actively maintained and will be archived soon to reduce confusion with the latest ngrok versions. We thank you for the continued support of ngrok and look forward to seeing you over at ngrok.com and the ngrok Community Repo.

russorat avatar May 09 '24 19:05 russorat