[Feature Request] Mixed Content

[dymas-cz]

Hello, i'm running Komga behind reverse proxy and when i try to use userscript with komf i can't get it to run as indicated by the error below. Are there any plans to implement some form of security for komf so we can expose the servise and use it with userscript?

Mixed Content: The page at 'https://komga.mydomain.com/libraries/07MMHWFYGVEQX/series' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://192.168.1.15:32085/config'. This request has been blocked; the content must be served over HTTPS. dispatchXhrRequest @ userscript

[Snd-R]

For now you can only allow mixed content in your browser settings https://superuser.com/a/1672733

As for proper secure way, it is possible to expose komf using your reverse proxy and adding basic auth restriction. To access komf you'll need to enter username and password. It should be supported by most reverse proxies

This will require handling basic auth in userscript. In connection tab a new section with komf username and password will need to be added

[rRoler]

@Snd-R To support mixed content with the userscript you could also use GMxmlhttpRequest from the GM* API which most userscript managers like Violentmonkey (https://violentmonkey.github.io/api/gm/#gm_xmlhttprequest) and Tampermonkey (https://www.tampermonkey.net/documentation.php#api:GM_xmlhttpRequest) support and add a fallback if it isn't supported.