!!! note This post is a thought. It's a short note that I make about someone else's content online. Learn more about the process here

Here's my thought on 💭 python 3.x - FastAPI redirection for trailing slash returns non-ssl link - Stack Overflow

I am trying to use htmx on a new fastapi site for my thoughts, and have been hitting this error.

Mixed Content: The page at 'https://front.mydomain.com/#/clients/1' was loaded over HTTPS, but requested an insecure resource 'http://back.mydomain/jobs/?_end=25&_order=DESC&_sort=id&_start=0&client_id=1'. This request has been blocked; the content must be served over HTTPS.

What is happening

I have an htmx component that gets the current users name, but if they are not logged in the backend redirects to a login form.

        <div hx-get='/users/me' hx-trigger='load'>
            get me

But for some reason when the front end gets this redirect, it tries to do it through http, and flags it as insecure.

The solution

To solve this issue, the post directs to set the --forwarded-allow-ips to '*'

uvicorn thoughts.api.app:app --port 5000 --reload --log-level info --host --workers 1 --forwarded-allow-ips '*'

This post was a thought by Waylon Walker see all my thoughts at https://waylonwalker.com/thoughts