CODEWITHSUNDEEP
javascriptc#jqueryasp.net-mvc
Omar Seleim
Omar Seleim

Reputation: 185

Convert ASP.NET MVC web application from http to https

I have ASP.NET MVC web application in http I want to convert it to https. I have change in code from http to https but after deployed on internet I had some javascript library errors , example :

Mixed Content: The page at 'https://MySite/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-2.1.3.min.js'. This request has been blocked; the content must be served over HTTPS.

What is solution?

Upvotes: 0

Views: 833

Answers (2)

trashr0x
trashr0x

Reputation: 6565

When HTTPS is enabled, all your assets have to be requested over HTTPS as well, otherwise you get mixed-content warnings as both secured and unsecured elements are being served up on a page that should be completely encrypted. Switch to HTTPS:

<script src="https://code.jquery.com/jquery-2.1.3.min.js"></script>

You can also use protocol-relative URLs, i.e. instead of:

<!-- this.. -->
<script src="http://code.jquery.com/jquery-2.1.3.min.js"></script>
<!-- ..or this -->
<script src="https://code.jquery.com/jquery-2.1.3.min.js"></script>

You can instead use:

<script src="//code.jquery.com/jquery-2.1.3.min.js"></script>

Using the protocol-relative syntax, the resource will load in HTTP when requested from a non-secure page, and HTTPS when requested from a secure one.

The downfall to this is that using protocol-relative schemes on non-secure pages will retrieve cross-origin assets in a non-secure fashion. This means that you could be missing out on benefits that HTTPS provides when requesting (for example) resources from a CDN, such as receiving the assets over HTTP/2*. As you're going full HTTPS this is not an actual concern, so use it at your own discretion.

*HTTP/2 does not require the use of encryption (e.g. TLS), but some implementations have stated that they will only support HTTP/2 when it is used over an encrypted connection, and currently no browser supports HTTP/2 unencrypted. (HTTP/2 FAQ)

Upvotes: 4

Josh Stevens
Josh Stevens

Reputation: 4221

When you have an https site you should load all your JavaScript content (if they're external links) through https

reference:

https://code.jquery.com/jquery-2.1.3.min.js

instead of: 

http://code.jquery.com/jquery-2.1.3.min.js

The answer is as simple as that!

Upvotes: 1

Related Questions