Reputation: 2590
Swagger settings to solve mixed content error
I have a dotnet core web api that is documented by swagger. Here is how I set it up:
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
services.AddHealthChecks();
services.AddSingleton(sp =>
{
var options = new JsonSerializerOptions();
options.Converters.Add(new DateTimeOffsetConverter());
options.Converters.Add(new LabelDataConverter());
return options;
});
services.AddCacheManager(Configuration);
services.AddKafkaConsumers(Configuration);
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "X.WebApi", Version = "v1" });
});
services.AddInfluxDb(options => Configuration.GetSection("InfluxDb").Bind(options));
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseSwagger();
app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "X.WebApi v1"));
app.UseRouting();
app.UseAuthorization();
app.UseHealthChecks("/health");
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
I can run the endpoints by swagger ui on my local machine but when I deploy the application to server I'm getting TypeError: Failed to fetch errors. Here is what I see on browser's console:
swagger-ui-bundle.js:2 Mixed Content: The page at 'https://x.y.consul.z.com/swagger/index.html' was loaded over HTTPS, but requested an insecure resource 'http://x.y.consul.z.com/v1/Path/1'. This request has been blocked; the content must be served over HTTPS.
How should I update the swagger settings to be able to run without issue also on the server?
Upvotes: 3
Views: 9493
Answers (2)
Reputation: 16
You can add HTTPS as a scheme to your swagger UI to workaround this issue: https://swagger.io/docs/specification/2-0/api-host-and-base-path/
Upvotes: 0
Reputation: 2269
When deployed, is your application exposed in HTTPS using a proxy server, load balancer or such?
If it is, then your problem may not be the Swagger itself, but losing the original HTTPS scheme when converting to HTTP. In fact, please check if you are able to call your API.
In this case, the solution may be as documented here. (Please, check this out, as there are some tweaks in the order of the middlewares and such.)
In short, you can try something like this:
public void ConfigureServices(IServiceCollection services)
{
// Configure this as suited for your case
services.Configure<ForwardedHeadersOptions>(options =>
{
// Processing all forward headers (the default is None)
options.ForwardedHeaders = ForwardedHeaders.All;
// Clearing known networks and proxies collections
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
// ...
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
// If you only specify this and don't perform the configuration
// in "ConfigureServices", the default configuration is used
app.UseForwardedHeaders();
// ...
}
Upvotes: 0
Related Questions
- Swagger gives me HTTP Error 403.14 - Forbidden
- SwaggerGeneratorException: Ambiguous HTTP method for action error
- Swagger 'swagger.json' loads, but 404 error on swagger UI '{localhost}/swagger' in AspNet project
- In Swashbuckle.AspNetCore, Swagger JSON and UI generated without content type when Results.Ok is used
- .NET Core 2 and SwashBuckle Swagger UI is not Displaying
- SwashBuckle UI in .Net Core 2.0 showing error
- Swashbuckle.AspNet.Core: Swagger UI shows empty page - How to fix?
- Swagger UI - Unknown Type: ınteger problem
- AspNetCore Could not load type 'Swashbuckle.AspNetCore.SwaggerGen.SwaggerResponseAttribute'
- Asp.net core swagger not found and server error