I have a problem with serving manifest.json with nginx. Tutorial app served with webpack dev server on localhost:8080 works fine, while file served from nginx gets error:
Mixed Content: The page at ‘https://browser.blockstack.org/auth?authRequest=…’ was loaded over HTTPS, but requested an insecure resource ‘http://toolw.local/static/json/manifest.json’. This request has been blocked; the content must be served over HTTPS.
Error happens here:
Headers for my manifest file are as follows:
Access-Control-Allow-Headers: X-Requested-With, content-type, Authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Date: Fri, 06 Apr 2018 07:11:10 GMT
Expires: Fri, 06 Apr 2018 07:11:11 GMT
Last-Modified: Thu, 05 Apr 2018 18:42:41 GMT
I’ve tried to play with Content-Security-Policy in nginx, but with no effort. Could you please advice something?