Open milouk opened 1 year ago
Same problem here.
Deployed Shelf behind Nginx Proxy Manager and getting Blocked loading mixed active content
errors.
API_BASE_URL=https://api-shelf.example.com
yet Shelf doesn't always respect this env var and sends many requests via http
@milouk
I apologise it took me so long to reply to you. I'm afraid there is no way to call http
from https
as this is enforced by the browser policies. May you can somehow disable it in your browser, but I don't recommend it. The best solution is to host everything using https
or at least using the same protocol for frontend and a backend.
@mrg358
That's quite strange that API_BASE_URL
is not being respected. Is it like all requests are sent via http
or just some specific requests, like thumbnails and download?
yes, it seems only getting thumbnails and downloads are calling api via http.
@mrg358
Seems like it is an issue with a gunicorn as it ignores X-Forwarded-*
headers if you don't set FORWARDED_ALLOW_IPS
environment variable. And this behaviour affects affects download and thumbnail urls, as they are generated by the backend. Without that X-Forwarded-*
headers, backend simply fallback to the http scheme by default.
To fix it, you can set it to the IPs of your proxy (FORWARDED_ALLOW_IPS=10.170.3.217,10.170.3.220
) or just set it to *
(but do this only if your gunicorn is accessed by your trusted proxy (nginx in your case).
More technical details can be found here
Thank you!
After I set the correct FORWARDED_ALLOW_IPS=192.168.x.1
it works now. :+1:
FWIW my NPM also runs in the same docker environment, so the correct IP to set wasn't the IP of the nginx container but the first IP 192.168.x.1
of the shelf-showcase
compose stack. The same which shows up in the backend logs.
Forgot to mention, I like your app and I hope it will keep advancing more in the future. The frontend design looks very polished and professional. Good job! :+1: Thank you for all the effort you put into it so far.
I have deployed the app behind traefik and issued an ssl certificate for the frontend. My API_BASE_URL is set to
http://shelf-back:8000
. Since fontend has https and backend is http I am getting a "Mixed Content" error. Is there a way to have the frontend using https while the backend is http?My docker compose is as follows: