Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can sites on Firebase hosting include non-https resources?

Tags:

firebase

web

firebase-hosting

I have been trying to migrate my site from divshot to firebase, since firebase has taken over divshot and shut it down.

Mine is a simple read only site that does not need https. It also contains links to external sites which do not support https. The site worked perfectly on divshot but it looks like firebase forces all sites to use https. Unfortunately, this causes the external sites that my site references to fail loading. The error being:

Mixed Content: The page at 'https://mysite.firebaseapp.com/' was loaded over HTTPS, but requested an insecure resource 'http://www.externalsite.com/'. This request has been blocked; the content must be served over HTTPS.

I tried to remove the http: so the external site is just //www.externalsite.com/, but this causes certificate errors. I can't change it to https since this external site doesn't support it.

Is there any way around this problem?

like image 461
Bob Hogan Avatar asked Dec 30 '15 05:12

Bob Hogan

People also ask

Is Firebase hosting secure?

Key capabilities. The modern web is secure. Zero-configuration SSL is built into Firebase Hosting, so content is always delivered securely.

Does Firebase use SSL?

Firebase Hosting provisions an SSL certificate for each of your domains and serves your content over a global CDN.

Can Firebase host dynamic websites?

Pair Cloud Functions with Firebase Hosting to generate and serve your dynamic content or build REST APIs as microservices. Cloud Functions for Firebase lets you automatically run backend code in response to HTTPS requests.

1 Answers

The short answer is no. This is completely by design. It's a security flaw to allow http on a https site. Therefore it's blocked.

However,

  • Solution 1: Find a https version of resource This might not be possible in your case.
  • Solution 2: convert resource to https It might be possible to host the file or resource yourself with https. This may require you to copy a file or something, which I say carefully, don't pirate stuff that you shouldn't.
  • Solution 3: Redirect This one is probably the most involved solution to do but if you are trying to access some service then you could make your own service to redirect it. You are on firebase which means you could probably hack together some cloud function to make a http request (How to make an HTTP request in Cloud Functions for Firebase?)
  • Solution 4: Don't use Firebase Don't want to do any of the above and you can't live with out the http call? You might just dump firebase and move to some other hosting service.

Hope you find this helpful it might not be the answer your looking for but it might point you in the right direction.

like image 144
Niles Tanner Avatar answered Sep 27 '22 23:09

Niles Tanner
Sign in to Comment

Related questions

Firebase does not sync offline cache if the app is killed
Purpose of Android/Firebase Debug signing certificate SHA-1
Get data ordered by document Id descending in Firestore
Enabling Debug Mode for Firebase Analytics for Flutter
How to use Firebase query equalTo(value, key)?
Firestore: Joins vs Firestore pricing
Handling Firebase ID tokens on the client side with vanilla JavaScript
Firebase Android onAuthStateChanged() fire twice after signInWithEmailAndPassword()
V/FA: Processing queued up service tasks: 1 followed by V/FA: Inactivity, disconnecting from AppMeasurementService
Is it possible to read Firebase data without attaching any listeners?
Negation in condition while sending FCM message
Firestore get documents where value not in array?
Is Firebase an all-purpose database?
How to design a Cloud Firestore database schema
Firestore rules for document field
Android/Firebase - Error while parsing timestamp in GCM event - Null timestamp
iOS Firebase IS_ADS_ENABLED flag in GoogleService-Info.plist file
How to query one field then order by another one in Firebase cloud Firestore?
How to delete outdated Firebase Cloud function containers from GC Storage?
Redirect to Firebase Hosting custom domain

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!