Allow/activate mixed content in Browser

javascript google-chrome https mozilla mixed-content
gerard talla picture gerard talla · Mar 19, 2018 · Viewed 7.6k times · Source

I'm currently build my website and I face a problem the Mixed Content blocking in JavaScript which occur with Chrome, Mozilla and Explorer when I tried to load and display image and page coming from http request which I had built it with JavaScript.

I would like to know if there is a code that I could add in my JavaScript code to allow the Mixed Content with my browser? That means just allow my content to be displays without change the configuration of my browser. Thx

Answer

Kornel picture Kornel · Mar 19, 2018

No.

The only thing you can do is to serve everything from HTTPS, or (not recommended) downgrade the top-level site to insecure HTTP.

The script is disabled, because an attacker could put anything in there. If that anything could include "trust me, I'm safe", then an attacker could put the same on their exploit.

As a side note: all browser vendors are 100% serious about completely deprecating insecure HTTP on the web — no ifs, no buts, no exceptions. You'll save yourself pain if you accept that http:// is no longer usable, and switch everything to be served via HTTPS. There's Let's Encrypt/certbot, CloudFlare, and AWS that can make your site HTTPS with little hassle, for free.

Related questions

Disable same origin policy in Chrome

Is there any way to disable the Same-origin policy on Google's Chrome browser?

Read More
Uncaught SyntaxError: Unexpected token :

I am running an AJAX call in my MooTools script, this works fine in Firefox but in Chrome I am getting a Uncaught SyntaxError: Unexpected token : error, I cannot determine why. Commenting out code to determine where the bad code …

Read More
How do I load an HTML page in a <div> using JavaScript?

I want home.html to load in <div id="content">. <div id="topBar"> <a href ="#" onclick="load_home()"> HOME </a> </div> <div id ="content"> </div> <…

Read More