Open hkng opened 2 months ago
To address the issue of mixed content where some resources are being loaded over HTTP instead of HTTPS in your Kubernetes deployment of Elsa Workflow, you need to ensure that all internal links and resources are using HTTPS. This is particularly important when the ingress is configured to use TLS, as browsers will block or warn about mixed content for security reasons.
Here are some steps you can take to resolve the issue:
Check the HTTP__BASEURL
and ELSA__SERVER__BASEURL
Environment Variables: Ensure that the environment variables HTTP__BASEURL
and ELSA__SERVER__BASEURL
are set to use https
in your deployment configuration. This will ensure that the application generates URLs with the HTTPS scheme.
Configure Ingress Correctly: Verify that your ingress is correctly configured to handle HTTPS traffic and that it is properly rewriting URLs to use HTTPS.
Inspect Application Code: If the application is generating URLs internally, ensure that it uses the correct base URL with the HTTPS scheme. This might require inspecting the code or configuration files of the application.
Use X-Forwarded Headers: Ensure that your Kubernetes ingress controller is configured to use X-Forwarded-Proto
headers to let the application know that the original request was made over HTTPS. This is important for applications behind a reverse proxy to generate the correct scheme in URLs.
Update Application Configuration: If the application has any hardcoded URLs or configurations that specify HTTP, update them to use HTTPS.
Review Network Policies: Ensure that your Kubernetes network policies allow HTTPS traffic as expected.
Check for External Resources: If your application is loading external resources (such as scripts, stylesheets, or images), make sure that these resources are also served over HTTPS.
Review Docker Image: Ensure that the Docker image you are using (elsaworkflows/elsa-server-and-studio-v3:latest
) is up to date and configured to handle HTTPS correctly. If necessary, review the Docker image documentation for any HTTPS-specific configuration.
Check Browser Console: Use the browser's developer tools to check the console for mixed content warnings and identify the specific resources that are causing the issue.
Test with Curl or Postman: Use tools like Curl or Postman to make requests to your application and inspect the response headers to ensure that the Location
header in redirects (if any) uses HTTPS.
By following these steps, you should be able to resolve the mixed content issue and ensure that all content is served over HTTPS.
This comment was generated by Glime.
It seems that the code had hard coded to http instead of https. Anyone know how to fix it
Description
Deploy elsa workflow docker into kubernetes, some content will redirect from https to http for example: it contains http://xxx.xxx.com/package/version content (not https)
Steps to Reproduce
Docker version: elsaworkflows/elsa-server-and-studio-v3 Use Kubernetes ingress setting as below:
deployment.yaml
HTTP call to http://xxx.xxx.com/package/version and "Mixed Block" by browser
Refer to attachment below:
Expected Behavior
No mixed content. only https
Actual Behavior
Mixed content. some https and some http