swagger-editor
swagger-editor copied to clipboard
swagger-api
Server generator: Request has been blocked; the content must be served over HTTPS.
| Q | A |
|---|---|
| Bug or feature request? | Bug |
| Which Swagger/OpenAPI version? | hosted version at editor.swagger.io |
| Which Swagger-Editor version? | hosted version at editor.swagger.io |
| How did you install Swagger-Editor? | hosted version at editor.swagger.io |
| Which broswer & version? | Chrome Version 60.0.3112.90 (Official Build) (64-bit) |
| Which operating system? | MacOS Sierra |
Demonstration API definition
N/A (any compiling definition)
Configuration (browser query string, constructor, config.yaml)
N/A
Expected Behavior
Should build code and download for server.
Current Behavior
Clicking the language you want the server built in generates an error in the console:
Server generator: Request has been blocked; the content must be served over HTTPS.
Possible Solution
Workaround is to select the security icon in the right of the address bar and allow the script to run manually.
Context
Trying to generate a quick simple go server api.
I can reproduce this when accessing the Editor over HTTPS (https://editor.swagger.io/).
This is interesting, since we're fetching the Generator API definition over HTTPS: https://github.com/swagger-api/swagger-editor/blob/master/src/standalone/topbar/topbar.jsx#L18
Maybe there's some funk with the scheme inference on Swagger-Client's side.
Aha - this is Swagger-Codegen's fault!
Mixed Content: The page at 'https://localhost:3201/' was loaded over HTTPS, but requested an insecure resource 'http://generator.swagger.io/api/gen/download/9072771b-127c-4d76-9046-a9e7216f69fc'. This request has been blocked; the content must be served over HTTPS.
The generator is sending the user agent to an http download URL, even if the initial request was over HTTPS. Clearly, browsers don't allow accessing HTTP content from an HTTPS page, so the download fails.
Any update on this? I tested with the latest swagger-editor release and the issue still exists.
Yep, the issue still exists. Everytime I need to download the server giles, I have to switch to http :/
This issue still exists but can be worked around by switching to http. Make sure you export your work first!
I found that re-ordering the schemes helped me over-come the issue. I am serving the swagger over https (with invalid certificate if that is of any consequence), the schemes were set-up as follows:
c.Schemes(new[] { "http", "https" });
I changed this to:
c.Schemes(new[] { "https", "http" });
After the change, the mixed-content error went-away.
Still does not work in embebed online editor in WSO2 API Manager (cannot generate server code).
@easygoingalex Where did you make this change, if I may ask?
c.Schemes(new[] { "http", "https" }); I changed this to: c.Schemes(new[] { "https", "http" });
@Hanzik I made it in the swagger config. However, it only gets it working for https and doesn't fall back to http like I thought it would.
@easygoingalex, what do you mean by "fall back to http"? Can you explain what you're expecting to happen?
The issue is exist is we open editor.swagger.io by https but everything works if we open editor by http (http://editor.swagger.io)
Any updates on this issue? I see that 3 years have passed but it seems it still happens.
Now there seems to be an automatic redirection from http to https so now the code generation does not work at all because you cannot use the workaround anymore.
Workaround is to select the security icon in the right of the address bar and allow the insecure resource. it is work for me
You can add HTTPS as a scheme to your swagger UI to workaround this issue: https://swagger.io/docs/specification/2-0/api-host-and-base-path/
