FraunhoferIOSB / FROST-Server

A Complete Server implementation of the OGC SensorThings API
https://fraunhoferiosb.github.io/FROST-Server/
GNU Lesser General Public License v3.0

Mixed content error #1965

Open syed-saad-zahidi opened 1 month ago

syed-saad-zahidi commented 1 month ago

I am facing a mixed content error. My React application is running on HTTPS, while my FROST server is on HTTP. When creating Things I am facing this error:

Mixed Content: The page at 'https://sensorhub-dev.hef.tum.de/devices/store#iss=https%3A%2F%2Fkeycloak-dev.hef.tum.de%2Frealms%2Fmaster' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://tuzehez-dev.srv.mwn.de:6062/FROST-Server/v1.0/Things'. This request has been blocked; the content must be served over HTTPS.

I cannot put my FROST server on HTTPS because there will be multiple FROST instances.

hylkevds commented 1 month ago

Yes, mixed content is impossible in modern browsers. No way around that. But you can run multiple FROST instances on different paths:

https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-MODELV2/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-MODELV2CORE/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-WaterQuality/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-GeoTech/v1.1/

All run on the same URL.

syed-saad-zahidi commented 1 month ago

I know it can be run on the same URL. But if I use this approach, there is an error from Keycloak, as I am using Keycloak for auth. Keycloak is removing /port from the redirect URL and returning the access_token like url/?access_token=123, whereas it should actually return url/port?access_token=123. So therefore I am still trying to put my FROST on HTTP.

hylkevds commented 1 month ago

That sounds like a misconfigured Keycloak instance.

Regardless, mixed content is not possible in modern browsers. There is no way around that.

syed-saad-zahidi commented 1 month ago

Did you use Keycloak to authorize these FROST instances?

https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-MODELV2/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-MODELV2CORE/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-WaterQuality/v1.1
https://ogc-demo.k8s.ilt-dmz.iosb.fraunhofer.de/FROST-GeoTech/v1.1/

If you did, did you face a similar issue?

hylkevds commented 1 month ago

Those are not secured, but in different instances we've not had redirect issues that were not directly related to misconfigured redirect URLs in Keycloak.
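
The layout suggested in the thread (several FROST instances on different paths of one HTTPS URL) as an added example that is not part of the thread or of FROST-Server's code: it models the browser's mixed-content decision for the request in the error message and the path-to-backend mapping a TLS-terminating reverse proxy would apply. `PUBLIC_ORIGIN`, the `/FROST-A/` and `/FROST-B/` prefixes and the `*.internal` backend hosts are constructed placeholders.

```javascript
// Added example. PUBLIC_ORIGIN, prefixes and backend hosts are constructed.
const PUBLIC_ORIGIN = "https://sensors.example.org";
const ROUTES = [
  { prefix: "/FROST-A/", backend: "http://frost-a.internal:8080/FROST-Server/" },
  { prefix: "/FROST-B/", backend: "http://frost-b.internal:8080/FROST-Server/" },
];

// Simplified browser rule for XHR/fetch: an HTTPS page may not call a
// plain-HTTP endpoint. Loopback hosts count as potentially trustworthy.
function isBlockedMixedContent(pageUrl, requestUrl) {
  const page = new URL(pageUrl);
  const req = new URL(requestUrl, pageUrl);
  if (page.protocol !== "https:" || req.protocol !== "http:") return false;
  return !["localhost", "127.0.0.1", "[::1]"].includes(req.hostname);
}

// What the reverse proxy does with each public path: pick the backend by
// prefix and forward over HTTP inside the network. Returns null for unknown
// prefixes and for paths that would resolve outside the backend root
// ("../", "//host/..."), so the proxy cannot be steered to another target.
function resolveBackend(publicPath) {
  const route = ROUTES.find((r) => publicPath.startsWith(r.prefix));
  if (!route) return null;
  let target;
  try {
    target = new URL(publicPath.slice(route.prefix.length), route.backend).href;
  } catch {
    return null; // remainder was an unparsable absolute URL
  }
  return target.startsWith(route.backend) ? target : null;
}

// URL the browser application calls instead of the backend's own address.
function publicUrl(prefix, resource) {
  return new URL(prefix + resource, PUBLIC_ORIGIN).href;
}

// The request from the error message in the thread, then the proxied form.
const page = "https://sensorhub-dev.hef.tum.de/devices/store";
const direct = "http://tuzehez-dev.srv.mwn.de:6062/FROST-Server/v1.0/Things";
const proxied = publicUrl("/FROST-A/", "v1.0/Things");
console.log("direct blocked:", isBlockedMixedContent(page, direct));
console.log("proxied blocked:", isBlockedMixedContent(page, proxied));
console.log("forwarded to:", resolveBackend(new URL(proxied).pathname));
```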