Welcome Guest Search | Active Topics | Sign In | Register

Essential Objects Product Support Forum » All Products » Support » EO.WebBrowser.WebView: HTTPS -> HTTP XMLHttpRequest Mixed Content Error

EO.WebBrowser.WebView: HTTPS -> HTTP XMLHttpRequest Mixed Content Error Options
Previous Topic · Next Topic
Hurshfeldon
Posted: Wednesday, January 16, 2019 1:45:03 PM
Rank: Newbie
Groups: Member

Joined: 1/16/2019
Posts: 2
Hello, I am trying to send an XMLHttpRequest via EvalScript. I am sending the request to a website on HTTP, while on a website that uses HTTPS. I have set EnableWebSecurity and EnableXSSAuditor too false.

NOTE: I have ran this exact javascript code in Google Chrome DevTools Console and it works perfectly fine without any errors.

I am getting the following error in the WebView DevTools Console:
Mixed Content: The page at 'https://www.google.com was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://localhost:3000/'. This request has been blocked; the content must be served over HTTPS.

My JavaScript Code:

Code: JavaScript 
var xhttp = new XMLHttpRequest();
xhttp.open('POST', 'http://localhost:3000/', true);
xhttp.setRequestHeader('Content-Type', 'application/json');
xhttp.send({});


My C# Code for WebView initialization:
Code: C# 
var options = new BrowserOptions
{
    LoadImages = false,
    EnableWebSecurity = false,
    EnableXSSAuditor = false
};

var threadRunner = new ThreadRunner("viewThread");

var webView = threadRunner.CreateWebView(options);


If someone could inform me what settings I am missing too make this work that would be great. The JavaScript code works in Google Chrome so I must be missing a setting for the WebView too enable this type of behavior.

Thank you.
Back to top
 
eo_support
Posted: Thursday, January 17, 2019 10:42:47 AM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 24,221
Hi,

There is no settings that controls directly through API with EO.WebBrowser. Google Chrome does have a command line option "--allow-running-insecure-content" that supposes to control this but we have not verified it. You can try to set it and see if it works. To set Chromium engine's command line arguments with EO.WebBrowser, you would need to set this property:

https://www.essentialobjects.com/doc/eo.webengine.engineoptions.extracommandlineargs.aspx

See here for how to set engine options:

https://www.essentialobjects.com/doc/webbrowser/advanced/engine.aspx

Note that we do not support all Chromium engine options, this is often the case for options that are linked to user profiles since we do not have user profiles. So there is a chance that this may not work. If that case please let us know and we will double check on our end.

Thanks!
Back to top
 
Hurshfeldon
Posted: Sunday, January 20, 2019 12:10:08 PM
Rank: Newbie
Groups: Member

Joined: 1/16/2019
Posts: 2
Hello,

"--allow-running-insecure-content" has fixed the issue, thank you.
Back to top
 
eo_support
Posted: Monday, January 21, 2019 9:02:18 AM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 24,221
Great. Thanks for confirming that it works!
Back to top
 


You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.