This forum is in archive mode. You will not be able to post new content.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Serosin

Pages: [1]
1
Web Oriented Coding / Re: Can I send a request to an http page from an https page?
« on: January 14, 2016, 01:55:17 PM »
Quote
You can get cert for free, either by signing it yourself or getting it signed for free by Let's Encrypt.

Actually, the hosting service I use makes you purchase a dedicated IP address if you're going to use any certificate at all. That's the extra cost. I'm well aware of free and self-signed certificates.

Quote
Using a script on domain A to send ajax request to domain B is against same-origin policy and will be stopped by any browser that enforces same-origin policy.

I can already get cross-origin requests without using JSONP. Putting the
Code: [Select]
Header set Access-Control-Allow-Origin command in the .htaccess of domain B allows cross origin requests to be made, as long as they are over the same protocol. If they aren't, it still doesn't work, and a browser console will specifically say different protocols is the reason why. I'll look over the Stackoverflow link you sent, but I've skimmed it and haven't found exactly what I need, yet. Still, it's a long post and maybe something's there, but I have to go to work ;)

2
Web Oriented Coding / Can I send a request to an http page from an https page?
« on: January 14, 2016, 03:04:13 AM »
I'm trying to write a script that will take information (cookies, etc.) and send it off to a domain I own as a post request using Ajax. The script is supposed to execute once the page loads. The thing is, this won't work if the page the script is on is served over https, because the domain I own doesn't use SSL, and Same Origin Policy stops that. It costs extra money and I'd rather make that purchase for a more legitimate reason if I need to.

So I was thinking of adding a line to the script that changes the location.protocol BOM from https: to http:, but when the command executes, the browser will try to request the page it's on over http, effectively reloading the page and never letting the script fully execute, looping, fucking things up, and so on.

Is there a way to change location.protocol without the browser sending a new request? I just want to make the browser think that the current https page was actually served over http so that a response from my domain doesn't also need to be served over https.

Or is there a better way to do this?

Pages: [1]


Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.