Mixed Content Security Issue on HTTPS Deployment

[mikes-bowden]

Typically, when setting up anything in my local stack that I intend to keep around, I configure a local domain in Nginx Proxy Manager with a wildcard SSL certificate. It doesn't always work as expected. :)

Is your feature request related to a problem? Please describe. Yes, there's a Mixed Content security issue. When accessing the site via HTTPS, certain resources are still being requested over HTTP. This happens, for example, when the page 'https://perplexica.l.localdomainhere.com/' tries to load resources from 'http://10.127.37.99:3010/api/models'.

Describe the solution you'd like I suggest adding a setting to configure the domain name in the application settings. This would allow for easier adjustments of resource URLs depending on the deployment environment.

Describe alternatives you've considered Another possible solution is adjusting the CORS policy.

Additional context Here’s a screenshot demonstrating the issue:

[ItzCrazyKns]

The issue is related to your backend not being served over HTTPS. I would recommend you to set it up over a domain with an SSL certificate. You can change the address for the backend in the docker compose file and rebuild the images everything should work fine.

[mikes-bowden]

Could you direct me to which variable I should change? I use the Nginx proxy manager, which has a valid wild-card certificate. I've tried it several different ways with no success. The one way I can get it to work correctly, but it still throws a 404 on the library section, is by using IPs only.

[syrian2012]

so did it have been fixed eventually or still exist because I still have the same problem and can't find a way to fix it if any one can help

[ItzCrazyKns]

so did it have been fixed eventually or still exist because I still have the same problem and can't find a way to fix it if any one can help

Just update the backend URL and serve the backend over HTTPS as well, that's a simple protocol error, unrelated to Perplexica.