I have a chrome extension that municates using HTTP in development and HTTPS in production.
I run it from webpages that use HTTPS.
When I use this extension in my development mode I get the following error.
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ':3001/api/end-point'. This content should also be served over HTTPS.
In the past I have been able to resolve this error by going reading this post how-to-get-chrome-to-allow-mixed-content
There are two solutiions in this post.
- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --allow-running-insecure-content
- In the address bar at the right end should be a 'shield' icon, you can click on that to run insecure content.
I have never had success with the first solution, but the second solution where you click on the 'shield' icon was working up until a few weeks ago.
I'm now on Chrome 55 and there is NO Shield option to click on, so I'm wondering how to get mixed content working in developer mode?
I have a chrome extension that municates using HTTP in development and HTTPS in production.
I run it from webpages that use HTTPS.
When I use this extension in my development mode I get the following error.
Mixed Content: The page at 'https://somesite.' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://david-sniper.local:3001/api/end-point'. This content should also be served over HTTPS.
In the past I have been able to resolve this error by going reading this post how-to-get-chrome-to-allow-mixed-content
There are two solutiions in this post.
- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --allow-running-insecure-content
- In the address bar at the right end should be a 'shield' icon, you can click on that to run insecure content.
I have never had success with the first solution, but the second solution where you click on the 'shield' icon was working up until a few weeks ago.
I'm now on Chrome 55 and there is NO Shield option to click on, so I'm wondering how to get mixed content working in developer mode?
Share Improve this question edited May 23, 2017 at 10:31 CommunityBot 11 silver badge asked Jan 6, 2017 at 3:25 David CruwysDavid Cruwys 6,86212 gold badges54 silver badges99 bronze badges 4- 1 While it is not what you are asking, the right answer is that you make your development environment as near-identical to your production environment as possible. In other words, use HTTPS for both. Having your development environment, or at least your development testing environment, be different than your production environment is just asking for problems when you move code from development into production, which is really not when you want to be finding problems. – Makyen ♦ Commented Jan 6, 2017 at 3:34
-
The messages at
consoleare warnings, not errors, yes? – guest271314 Commented Jan 6, 2017 at 5:05 - The actual requests are blocked, e.g. the call to jora-list is not being executed, so while the messages are warnings, the effect is a broken code. – David Cruwys Commented Jan 6, 2017 at 5:28
- there is a chrome startup parameter to disable all security. look into it. – Zig Mandel Commented Jan 6, 2017 at 13:49
1 Answer
Reset to default 13Following a tip by Zig Mandel, I used mand line parameters to run Chrome without security.
I created a folder called c:\_chrome_data and I unpacked my developer extension into chrome extensions and I used this mand line.
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --allow-running-insecure-content --disable-web-security --user-data-dir=C:\_chrome_data
Click the Shield, I noticed that the shield is not available in Version 55 of chrome anymore unless you have the settings listed in the mand line included.
Working Extension