WitchDevelops
commented
2 months ago more explanation:
Open klabal opened 2 months ago
WitchDevelops
commented
2 months ago more explanation:
WitchDevelops
commented
2 months ago I see two solutions: 1) upgrade the API protocol on the backend side 2) try to allow mixed content - as suggested here: https://stackoverflow.com/questions/37043719/how-can-i-allow-mixed-contents-http-with-https-using-content-security-policy-m
Option 1 is preferred because we are not trying to access some third-party service (meaning: we can change the API protocol), but option 2 seems to be an easy and quick fix.
Stackoverflow suggests this:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
which is unsupported in Next.js: https://nextjs.org/docs/app/api-reference/functions/generate-metadata#unsupported-metadata, but can be added via https://nextjs.org/docs/app/building-your-application/configuring/content-security-policy
WitchDevelops
commented
2 months ago Update: I tried the solution no.2, created a new development branch: dev, deployed it, then merged those changed to test it. Deployed dev branch: https://dev--dev-telia-web-shop.netlify.app/
fixed: endpoint is now forced to be secure
broken: connection timeout
On the deployed version to netlify, it seems like the product cards aren't fetching. After clicking "try again", there's a loading computer logo but it doesn't do anything. Yesterday I didn't see it, so could it be related to the backend connection?