Mixed Content when using kubernetes + ingress



  • Hi,
    i am using kubernetes with an nginx ingress controller to host IdeaSpaceVR.
    The problem is the resources/assets are like this:

    <link href="http://myserver.tld/public/font-awesome/css/font-awesome.min.css" rel='stylesheet'>
    

    the result is a mixed content warning because the "main" site is served via https.
    is there a config file to change them to https? like so:

    <link href="https://myserver.tld/public/font-awesome/css/font-awesome.min.css" rel='stylesheet'>
    

    then everything shoud work.

    Greetings, Leo



  • Hi Leo,

    I am wondering why it is served by http and not https. Could it be that the requests to port 443 are translated to port 80 after passing the router internally?

    One quick solution would be - although not great - to manually edit resources/views/layouts/app.blade.php and adjust the URLs.

    I wonder if there would be another solution... maybe something Wordpress does, which allows to set the domain name manually in its wp-config.php file. What do you think?

    Greetings!



  • thx, for the quick response.
    Yea i use ingress as an entry point and ingress handels the encryption. my docker container runs on port 80 thats why ideaSpace uses http.

    my ingress conf

    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: kubernetes-ingress
      annotations:
        kubernetes.io/ingress.class: nginx
        ingress.appscode.com/hsts: "true"
        cert-manager.io/cluster-issuer: letsencrypt-prod
    spec:
      tls:
      - hosts:
        - mydomain.tld
        secretName: letsencrypt-prod
      rules:
      - host: mydomain.tld
        http:
          paths:
          - backend:
              serviceName: idea-space-vr
              servicePort: 80
    

    To set the hostename like wordpress sounds promesing but i am not familiar with php or wordpress...
    is the hostname already set in asset("...") or would something like this work?

    {{  hostname() + asset('public/font-awesome/css/font-awesome.min.css') }}
    


  • Yes, the hostname and protocol are already set in asset, but there is the function secure_asset('path') which resolves into https... I think I could use secure_asset as a standard since IdeaSpaceVR should not run on a non-encrypted protocol anyways. You could quickly try to use secure_asset and let me know if it would solve your problem.


Log in to reply