HTTPS server query postal zip code
I am trying to request the address by ZIP code on a site, but it is giving the following error:
Mixed Content: the page at 'https://meusite.com.br ' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ' http://cep.correiocontrol.com.br/20040901.json '. This request has been blocked; the content must be served over HTTPS.
The server my site is hosted on is HTTPS so I believe it is that's the problem... does anyone know a site for query that is also HTTPS so as not to give security error?
2 answers
When you use the HTTPS protocol and need to make requests they must be via HTTPS. For security reasons.
In your case your server is using HTTPS but the Post Office Web Service does not, so it does not allow you to make a request to the post office server because it considers it unsafe.
But you can make pro HTTPS protocol requests via HTTP, example: CDN.
Most current browsers Block this type of request , call Mixed Content .
For third-party domains, use the HTTPS version of the site, if available. If HTTPS is not available, you can try logging in contact the domain and ask if they can make the content available via HTTPS.
Sources:
What is Mixed Content?
how to fix a website with blocked mixed content
Silvan, good? Since you're using Laravel, How about using a proxinig?
Will work as follows: You get sends a request to the zip code url by Laravel, and by jQuery, you send the request to Laravel.
Will save you a lot of headaches, as you will be making the request for your own domain:
Route::get('cep/{cep}', function ($cep)
{
$url = sprintf('http://cep.correiocontrol.com.br/%s.json', $cep);
$json = json_decode(file_get_contents($url), true);
return Response::json($json);
});
In your jQuery, just do this:
$.get('/cep/' + cep, {}, function (response) { /** ... **/ });
The advantage of this type of request is that you don't have to worry with these chatisses limitations imposed by browsers.
Learn more about this at: