Insecure content from markdown-it-bundle when using https

mr8 · July 20, 2017, 9:32pm

Recently updated my copy of discourse and noticed this weird little bug in the console that also prevents the preview window from loading.

[blocked] The page at https://domain.com/t/topic/4512/484 was not allowed to run insecure content from http://domain.com/assets/markdown-it-bundle-d1f9395746d57602322789f6d8cdbfcb43f414005bb7a41e18cb6fdbeede9796.js.

Only get this error when accessing the site via https. Accessing the site via regular http eliminates the problem and the preview loads as usual.

Did I miss a recent change somewhere in the setting that I need to adjust so that that particular asset gets loaded over https when connecting via https? All other assets seem to be loading correctly.

Falco · July 20, 2017, 9:34pm

If you turn the site setting force_https ON, it should work, can you try that?

mr8 · July 20, 2017, 9:36pm

Already have that enabled.

Falco · July 20, 2017, 9:37pm

If you have that enable how can you access the site via HTTP?

mr8 · July 20, 2017, 9:38pm

Adding:

proxy_set_header X-Forwarded-Proto https;

to my outer nginx fixed this by letting discourse know that I needed the https:// assets instead of the https:// ones.

Topic		Replies	Views
[Solved] Dev instance with nginx: topic preview not working dev	6	4661	September 16, 2017
Preview not working when using object store - wrong markdown-it url installation	4	670	January 28, 2022
Front nginx https reverse proxy to discourse http installation	3	1433	January 23, 2019
Site logos and https with proxy installation	3	1011	May 5, 2022
NGINX Proxy Mixed Content Error installation	2	8432	December 24, 2017

Insecure content from markdown-it-bundle when using https

Related Topics