Closed zenxedo closed 7 years ago
Fma965
commented
7 years ago not a developer for this but wanted to let you know that the reason for this is due to accessing a http webpage inside a HTTPS site. either run muximux as HTTP or subsonic as HTTPS
zenxedo
commented
7 years ago I have plenty of other sites working with https. I also followed the Readme instructions and used the https addresses. I thought muximux supported https?
mescon
commented
7 years ago Muximux supports https - it's not up to Muximux to serve content via http or https, that's up to you.
As the error message states, subsonic serves mixed content - meaning, it tries to send you stuff with http:// and not https://. When you load Muximux via https, but try to load a non-secure resource (such as http://example.com/subsonic/, your webbrowser will block it.
Read it again carefully, and you'll see that it's subsonic that has a problem, not Muximux: Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure resource 'http://example.com/subsonic/'. This request has been blocked; the content must be served over HTTPS.
zenxedo
commented
7 years ago I'm not trying to put fault on Muximux just trying to see if I can trouble shoot this. Why does the page load fine if If I go to the site directly but it fails going through Muximux? All my sites are http and nginx serves it as https. I was thinking it is an nginx config issue but I'm stumped as to why it works fine until I try to access it through muximux. I also have several other http sites that work fine being upgraded to https through Muximux. If I click the page in the error that is trying be loaded over http it loads fine as https outside of Muximux. Cold it be something that needs to be added to nginx config so it can pass through Muximux correctly?
fbartels
commented
7 years ago I also have several other http sites that work fine being upgraded to https through Muximux.
Maybe that is the root of the misunderstanding. Muximux does not upgrade your site to https, but is rather served itself through https. This is completely independent from the configured site being served through https as well, but configuring a site as http will give you mixed content warnings.
mescon
commented
7 years ago @mow4cash sorry if I came off rude. What I'm saying is that for some reason, the site you are trying to visit serves up some content that is http://. Perhaps not the entire site, but maybe some image or javascript?
Make sure the source of subsonic (or whatever) does not contain any references to http:// anywhere. Maybe you can set the "External URL" of it to be https://example.com/subsonic/?
If all else fails read this from the instructions: https://github.com/mescon/Muximux#important-note-regarding-https
zenxedo
commented
7 years ago After trying several nginx configs, I got lucky and found one that fixed the problem. I'm not sure why this was needed for Subsonic and Plexpy to work correctly with https through Muximux. Thanks for the help.
location ^~ /plexpy {
proxy_pass http://10.68.69.16:8182;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_max_temp_file_size 0;
proxy_redirect http:// https://;
}
The page works fine without going through Muximux. I have to load unsafe script and lose the green HTTPS if I go through Muximux. It happens with Subsonic and Plexpy.
Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure resource 'http://example.com/subsonic/'. This request has been blocked; the content must be served over HTTPS.