Issue metadata
Sign in to add a comment
|
Connecting from https page to ws://127.0.0.1 (using WebSocket) is blocked by mixed content error |
||||||||||||||||||||||||
Issue descriptionVersion: 50.0.2661.102 OS: Any What steps will reproduce the problem? (1) Download and run pywebsocket or equivalent websocket server locally on 127.0.0.1, bound to port 9998 (2) Run websocket test from https://kepler37b.skelkar.com/test/ (3) Press on "Connect through WebSocket. Please correct if not true, but my assumption is 127.0.0.1 is considered secure connection and hence shouldn't be blocked by mixed content error. What is the expected output? Connection established and Message sent/received. What do you see instead? Blocked by Mixed content error. Please use labels and text to provide additional information.
,
May 16 2016
While localhost is considered a "secure origin" (https://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features), I'm not sure that extends to mixed-content evaluation.
,
May 16 2016
127.0.0.1 is not currently considered secure for the purposes of mixed content, but it's under consideration in issue 607878 . Also of note: localhost is treated differently than 127.0.0.1 in the latest version of the secure contexts spec: https://w3c.github.io/webappsec-secure-contexts/#localhost |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by shrikant@chromium.org
, May 16 2016