Ajax post over https from http page

Question

Ajax post over https from http page

I have an ajax call, which really should be https. However, the page from which it is called is http. The browser complains about the forbidden URI, presumably due to the same origin policy. Is there any known workaround for this?

+3

http post ajax https

Jordin po Jan 21 '10 at 4:10

source share

1 answer

Kornel · Answer 1 · 2011-06-04T23:11:18+0000

Yes, a policy of the same origin stops you. You must use the same workarounds as for cross-domain requests.

Requests from an insecure website are unsafe, even if you make requests to the HTTPS URL (because the MITM attack can replace all "https" with "http"), so you should consider using HTTPS for the entire page.

Ajax post over https from http page

More articles: