How can I use HTTPS in AngularJS?
Solution 1
For some reason Angular would send all requests over HTTP if you don't have a tailing / at the end of your requests. Even if the page itself is served through HTTPS.
For example:
$http.get('/someUrl').success(successCallback); // Request would go over HTTP even if the page is served via HTTPS
But if you add a leading / everything would work as expected:
$http.get('/someUrl/').success(successCallback); // This would be sent over HTTPS if the page is served via HTTPS
EDIT: The root cause of this problem is that Angular looks at the actual headers from the server. If you have an incorrect internal pass of http data through https there will still be http headers and Angular would use them if you do not add / at the end. i.e. If you have an NGINX serving content through https, but passing requests to Gunicorn on the backend via http, you might have this issue. The way to fix that is to pass the correct headers to Gunicorn, so your framework would be under the impression of being served via https. In NGINX you can do this with the following line:
proxy_set_header X-Forwarded-Proto $scheme;
Solution 2
Use the $http api as you would normally:
$http.get('/someUrl').success(successCallback);
if your app is being served over HTTPS then any calls you are making are to the same host/port etc so also via HTTPS.
If you use the full URIs for your requests e.g. $http.get('http://foobar.com/somePath') then you will have to change your URIs to use https
Solution 3
I've recently run into similar issues using Angular 1.2.26, but only when interacting through a load-balancer - which may be stripping https-related headers...not sure of cause yet. I've resorted to this:
uri = $location.protocol() + "://" + $location.host() + "/someUrl"
You might want to add $location.port() also if using a non-standard port.
Related videos on Youtube
08 : 36
11 : 38
07 : 13
04 : 31
07 : 49
03 : 30
![AngularJS : ASP.NET Core Web API Calling | HTTP Call [A to Z]](https://i.ytimg.com/vi/HwHhmKeEv-0/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLDBGcq_lwUTWK3HvmuJauLU6QnU3Q)
24 : 36
02 : 02 : 42
07 : 29
Dick Van Ocampo
Updated on May 13, 2020Comments
-
Dick Van Ocampo about 4 years
I am using AngularJS,
$resource&$httpand working withapis, however due to security reason I need to make an HTTPS request (work under the HTTPS protocol).What's the way to use
httpsin AngularJS.Thanks for your help.
-
Paulo Scardine almost 10 yearsThis (using a relative URL) is not enough on my local setup (chrome Version 35.0.1916.114 on linux). Perhaps it is dangerous to assume it holds true for every browser/platform. -
Ben P. almost 10 yearsAre you serving via https on your local setup? What happens?
-
Paulo Scardine almost 10 yearsIt just calls using http only, I had to change
'/someUrl'to$window.location.origin + '/someUrl'. -
Alan Illing over 9 yearsI have the same problem, also using Chrome / linux. I decided to include the CORS headers in the response to whitelist cross-origin domains instead of modifying all my javascript code.
-
pztrick over 9 yearsDownvoted as my
$httpis indeed making requests using thehttp://protocol instead ofhttps://despite the page being served from https. -
scuba88 over 8 years@pztrick, Did you ever find a solution? My $http also seems to make requests using http:// rather than https://.
-
Luis Palacios almost 7 yearsThanks so much @Danil, it was a chaos with the api calls not working! but your answer set me on the right path and it only took me 5 minutes to resolve the issue. -
Illiax over 3 yearsin my case was the other way around. With tailing / it would send requests over http. So good to find this answer
