I've a form which I'm submitting (through GET as it is required this way) to a crm (ViciDial). I can successfully submit the form however if I do that the processing file at crm will just echo a success text and that's it.
Instead of that text, I want to display a thank-you page on my website, so I decided to use AJAX to submit the form and redirect it to the page I need, however I'm getting this error on my browser:
Mixed Content: The page at 'https://page.com' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://XX.XXX.XX.XXX/vicidial/non_agent_api.php?queries=query=data'. This request has been blocked; the content must be served over HTTPS.
This is my AJAX script:
<script>
SubmitFormClickToCall = function(){
jQuery.ajax({
url: "http://XX.XXX.XX.XX/vicidial/non_agent_api.php",
data : jQuery("#form-click-to-call").serialize(),
type : "GET",
processData: false,
contentType: false,
success: function(data){
window.location.href = "https://www.example.com/thank-you";
}
});
}
</script>
Just setting https in the URL won't work, is there any way in which I can submit the data via GET and redirect the user to my thankyou page?
Problem here was mixed content, this means that I loaded a page through HTTPS and was trying to hit via AJAX an API that was in HTTP. But the browser wont allow us to just do that.
So if you can't set the API to be HTTPS (this was my case) we can still approach this in a different way.
The Main Problem was not the mixed content issue it was that I wanted to submit data to an API and redirect the users to a fancy thank you page. Instead of using AJAX, i made a php file that receives the data sends it using curl to the API (as this is being done server side there is no mixed content issue) and redirects my happy user to a fancy thank you page.
I resolved this by adding following code to the HTML page, since we are using the third party API which is not controlled by us.
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
Hope this would help, and for a record as well.