Browser forces HTTPS - web

I have a backend application and I've been trying to debug it. I can access the data just fine with proper HTTP requests via another application such as Postman and custom built apps.
I try to access the backend baseUrl or any of the endpoints via Chrome (or any of the more mainstream browsers such as Firefox, Edge) and it seems to be redirecting me to https even though I'm typing http.
I've seen this issue online and have tried quite a lot of different potential solutions yet none worked, any help would be greatly appreciated.
One thing to note, I've edited the 'hosts' file on my Windows machine to alias localhost as backend-app-dev.dev. and my app is a python Flask app.
Thanks in advance,
Matt

Related

HTTPS conflict with HTTP

HTTPS conflicts with HTTP
I make my first full-stack project on React and NODEjs and deployed it on netlify.
My backend server runs on HTTP localhost.
And here is a problem:
My app works on my Mac in Chrome but doesn't work properly on other browsers and computers.
Other computers can download index.js (display sign-up and sign-in pages) and it seems there is no problem with CORS but authentication doesn't work.
Safari logs mistakes:
[blocked] The page at https://MYAPP.netlify.appwas not allowed to display insecure content from http://localhost:3500/register.
Not allowed to request resource
XMLHttpRequest cannot load http://localhost:3500/register due to access control checks.
I don't understand why the app works on my MAC but
doesn't on other computers and can't find an answer on how to solve this HTTPS - HTTP conflict
I have tried to find a problem in CORS but it looks like CORS is ok. Also, I tried rewriting the server with HTPPS but it didn't work.
I've never worked with Netlify, so I could be wrong, but I suspect your problem isn't directly related to Netlify.
The Safari error message indicates that your frontend is trying to talk directly to localhost. localhost is an alias for "the computer that is making the connection attempt" under normal circumstances. This means that when someone runs your frontend, the browser tries to talk to the backend running on the same computer that the browser is running on.
This works on your computer in Chrome because you probably have the backend running on your computer for testing. Safari is only complaining that the frontend was loaded via HTTPS but is trying to talk to non-HTTPS servers. It is not stating that it can't talk to the backend, it's stating that it won't even try.
If I'm right and you shut down the back end on your computer, it will start to fail on your computer as well, even on Chrome.
If this is the problem, the solution can be one of two things: You can either run the backend somewhere where it has a domain name/ip address that everyone can connect to, or you need to run a proxy for your backend somewhere where it also meets those conditions, and has a way to pass the request on to where your full backend does run.
You need to find a way to run your backend somewhere other than your own computer or have something somewhere else proxy requests to your computer which then gets relayed to the localhost address. How you go about that will depend on things you didn't specify in the original question.

Network Error (React-Native, Express,Nodejs,MongoDB)

I am getting a Network Error while calling my server(nodejs) API.
I have rechecked my localhost, server, and port.
They are all working fine. I have also confirmed using POSTMAN and also ran the server on the web locally to fetch data.
I think I have also added the cors properly in my server.js file.
Want some help on this.
I have also tried with dummy API and they worked fine.
My imports from front-end
Here is LogCat
Response Header in Postman
ngrok status
Hi I think you can try exposing your local host to the internet using a service like ngrok which will generate a url for you, and then try using the url to send requests instead of localhost:3000. Simply download and follow the instructions here: https://ngrok.com/docs
It seems that you are having a problem in react native code, not in backend. That's why you are not getting any error in postman.
I am guessing that you are importing the dependencies is problematic way.
if you are trying to use local server API in mobile application development, all you need to do is replace "localhost" in the URL with your pc IP address. This worked for me.

Blocked autofocusing on a form control in a cross-origin subframe

Using Chrome, when I'm trying to change values of an input located in an IFrame of another app on our server, I get an error in Chrome:
"Blocked autofocusing on a form control in a cross-origin subframe."
On production (when the two apps are hosted on the same domain) it's working, but on localhost development I can't make it to work.
I've already tried starting Chrome with the following:
--disable-web-security
--ignore-certificate-errors
--disable-site-isolation-trials
--allow-external-pages
--disable-site-isolation-for-policy
but none worked.
Has anyone has an idea how to make it work?
If any change on server side needed, it's also an option.
For me the issue was a chrome extension ( Dashlane ). I disabled it on that site an it worked. I don't know if this helps you in any way but I had the same issue and this worked for me.
edit: I also had the issue on localhost however haven't tried it yet on server.
Go to chrome://flags
Disable SameSite by default cookies
Relaunch chrome

Load local Electron files as secure content

Electron loads local resources by default via the file:/// protocol, which, of course, has its own limitations. Serving under the file:/// protocol will disable you from sending AJAX requests to files also locally stored and will also block Browser APIs like navigator.getUserMedia(), throwing a "Permission denied" error. The latter bothering me the most, I was unable to find any way around it. Is it possible to somehow cheat the browser the content is served over the https protocol? Could I run a localhost server via electron?
Any suggestion would be highly appreciated.
Thanks in advance!

Google Translation doesn't work on HTTPS sites

I am using Google Translate on my website. After I updated to HTTPS, Google Translate stopped working. I even used https://www.google.com/jsapi instead of http://www.google.com/jsapi, but this didn't help.
It is because most of the browsers don’t accept mixed content i.e. calling http resource from HTTPS site.However you can enable it forcefully in your browser.
Using HTTPS for calling jsapi wont be helpful in your case as the real problem occurs when this website internally calls http://www.google.com/inputtools/try/.

Resources