unit XData.SwaggerUI.Service.Internal
variable url in code below, is set to http:// although the URL used is http securehttps://
code:
window.onload = function() { var url = "http://../openapi/swagger.json"
var swaggerOptions = {
url: url,
displayOperationId: true,
docExpansion: "list",
Is returning the following browser ERROR Message when trying to call (https://........./swaggerui)
Failed to load API definition.
Fetch errorFailed to fetch http://../openapi/swagger.json
Fetch errorPossible mixed-content issue? The page was loaded over https:// but a http:// URL was specified. Check that you are not attempting to load mixed content.
Is your XData server behind a reverse proxy? Because otherwise it should use the same scheme (http/https) as defined in your BaseUrl. If your BaseUrl is http, how is your server being reached via https?
You can see that the SwaggerUrl is provided via a construction using AbsoluteUrl method.
And AbsoluteUrl is this:
function TXDataRequestHandler.AbsoluteUrl(const RelativeUrl: string): string;
var
Scheme: string;
Authority: string;
Path: string;
begin
Scheme := Request.Uri.Scheme;
Authority := Request.Uri.Authority; // Module.BaseUri.Authority,
Path := Module.BaseUri.OriginalPath;
Result := TXDataUtils.CombineUrlFast(
Format('%s://%s%s', [Scheme, Authority, Path]),
RelativeUrl
);
XModule.DoGetAbsoluteUrl(Scheme, Authority, Path, RelativeUrl, Result);
end;
Unless you have the OnGetAbsoluteUrl event set, you can see that it gets the scheme directly from the request (not from BaseUrl). Thus if your server is somehow being accessed via HTTP (not HTTPS) then it would built the URL to swagger.json file using HTTP. It's hard to tell what's going on from our side, it should be working fine, it would be good if you could do deeper investigation base on the information I just provided.
Thank you for the resposnse.
As I see it (refering to my first post window.onload script), the scheme as defined by the REQUEST is not parsed properly for the secure HTTP part and the built URL part always contains HTTP (not HTTPS) .
I realize this and I do not intend to go any further. My second post describes my situation and the steps I took to verify that there is no problem when using https . If I was to stop using the secure uri, I would have no chance working with https://petstore.swagger.io explorer, since it does not accept the non secure uri.
Thank you for your time, I will use the direct link to swagger.io in order to continue with my project.
I enclose an image of the response I get using the Delphi 10.4.2 Rest Debugger tool. Marked in yellow is the issue as I have stated in my first post (the HTTPS request is not parsed properly as shown in the response body).
Since you are using Apache, that's expected behavior. Sparkle can't tell from an Apache module if you are using http or https. In this cause you should use the OnGetAbsoluteUrl and manually provide the correct scheme there (http or https).
The secure URL is already defined in TXDataServerModule's constructor Create(const ABaseUrl: string; AConnection: IDBConnection) how do you suggest (example) I use TXDataServerModule's OnGetAbsoluteUrl property to overcome this limitation?