Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Kimai
  3. Mixed content warning while embedding

Mixed content warning while embedding

Scheduled Pinned Locked Moved Solved Kimai
4 Posts 2 Posters 642 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • subvenS Offline
    subvenS Offline
    subven
    wrote on last edited by subven
    #1

    I embedded Kimai into Nextcloud (https://foo.bar) using the external sites addon. My embedded link looks like: https://time.foo.bar/ 🙂 I also added CSP headers for Kimai to Kimai's security tab within Cloudron: frame-ancestors foo.bar;

    If I open the site through Nextcloud, I get a mixed content warning and no content at all.

    Mixed Content: The page at 'https://foo.bar/apps/external/8' was loaded over HTTPS, but requested an insecure frame 'http://time.foo.bar/de/login'. This request has been blocked; the content must be served over HTTPS.

    The reason of this is because the client is redirected to the login form without https and therefore blocked because of mixed content. It is well documented at the Kimai documentation why this happens and what to do.

    In our case we can add our (Cloudron) docker proxy as trused proxy: TRUSTED_PROXIES=172.18.0.1 to Kimai's .env file. I can edit the .env file during runtime but I can't edit the env.template so my changes do not persist app restarts or updates.

    @nebulon / @girish can you please add the Cloudron proxy IP to Kimai's env.template? We have done something similar for Jirafeau, see Commit 0f5966a7 🙂

    girishG 2 Replies Last reply
    0
    • girishG Offline
      girishG Offline
      girish Staff
      replied to subven on last edited by
      #2

      @subven Ah, thanks! I will fix the package.

      1 Reply Last reply
      1
      • girishG Offline
        girishG Offline
        girish Staff
        replied to subven on last edited by
        #3

        @subven I have pushed a fix for this.

        1 Reply Last reply
        0
        • subvenS Offline
          subvenS Offline
          subven
          wrote on last edited by
          #4

          Works 🙂 Many thanks!

          1 Reply Last reply
          0
          • M marylou referenced this topic on

          • Login
          • Don't have an account? Register
          • Login or register to search.
          • First post
            Last post
          0
          • Categories
          • Recent
          • Tags
          • Popular
          • Bookmarks
          • Search