Mixed content warning when using SSL offloading in HAProxy
-
I use HAProxy trying to do SLL offloading for a WordPress site. Frontend is on 80 and 443 with redirect
<redirect 301="" scheme="" https="" code="" if="" !{="" ssl_fc="" }="">Redirection is working well when the page is accessed on port 80.
However the pages loads incomplete and looking in the console of Firefox/Chrome it can be seen that "mixed mode content" is blocked by the browser. Some stylesheets, scripts an images are still accessed over http instead of https.
301 is permanent redirection, so why is this happening? The browser should not even try http because it should be aware of the permanent redirection. And besides that, even when http is used accidentally, it should still be redirect to https instead.Any clues how to solve this? IIS reverse proxy seems to do fine but I like HAProxy better.</redirect>
-
I guess you are looking for this instead: https://www.w3.org/TR/upgrade-insecure-requests/
-
Tnx doktornotor, seems to work fine!
Upgrade-Insecure-Requests is however not supported in all browsers, and I still don't get how the 301 redirection is not working in the first place. -
I've given up on WP long time ago. IIRC tons of the stuff is CDN-loaded and not really local, there's nothing the haproxy would do there.
-
Inspecting the blocked content it all seems local to me, can't see any other domain names in it than just the domain name the site is running.