How to fix emojis not served over HTTPS

zoharm

May I please get some help, I am getting this browser warning:

Mixed Content: The page at 'https://www.tactiqo.com/topic/4/tactiqo-is-born' was loaded over HTTPS, but requested an insecure image 'http://www.tactiqo.com/plugins/nodebb-plugin-emoji-one/static/images/1f600.svg'. This content should also be served over HTTPS.

I am using this nginx conf (stripped down to relevant info, i tested without nginx static content serving, same issue):

server {
   listen 80;   
   return 302 https://$server_name$request_uri;
}

server {
    listen 443 ssl spdy;
    #SSL cert stuff
    #proxy header stuff
    location / {
        proxy_pass http://127.0.0.1:4567;
    }
}

It looks like this error only happens with static content served from the emoji plugin, where looking at the network traffic, the initiator for the emoji images is a full http://... address while for all other static files it is nodebb.min.js

yariplus

Check that your main config.json file is using https for the url setting.

zoharm

@yariplus that was it, amazing troubleshooting. once again thank you, you are awesome.

julian

Nice job @yariplus

PitaJ

Another note: use http/2 instead of spdy in Nginx. I believe they removed spdy support since http/2 supercedes it.

scottalanmiller

@yariplus said in How to fix emojis not served over HTTPS:

Check that your main config.json file is using https for the url setting.

Same issue here, but https has long been used in the config.json file. Just some emojis causing the problem.