InvokeAI: [bug]: Web UI uses `http`/`ws` behind a reverse proxy instead of `https`/`wss`
Is there an existing issue for this?
- I have searched the existing issues
OS
Linux
GPU
cuda
VRAM
No response
What version did you experience this issue on?
3.0.0+a8
What happened?
Upgraded to 3.0.0-rc1, web UI says “Disconnected”: socket.io websocket is not connecting because my reverse proxy does not support unsecure http/ws - it redirects automatically to https. Previous InvokeAI releases seemed to use https, if I’m not mistaken.
Tested 3.0.0-rc1 and 3.0.0+a8, both have the same problem.
Checked the code, seems that it is hard-coded to ws://.
Screenshots
Additional context
No response
Contact Details
No response
About this issue
- Original URL
- State: closed
- Created a year ago
- Comments: 17
@andzejsp This change will be included in the next release.
i can confirm running this behind my nginxproxymanager over https is not possible, ws is not connecting… come on, there should be a flag to turn https on or off… this is some rookie mistake, jees… do you really want me poking at the code and PR malicious code or you will do it yourself?
Thanks to @sohelzerdoumi for fixing this in #4116.
This issue I opened is related to the discussion here. I have made a first pass at a possible fix: https://github.com/invoke-ai/InvokeAI/issues/3970
Hello all, I have just done a small test using. 3.0.2a1 and this appears to be solved. I don’t have access to my full environment at the weekends but it is looking good! Thank you all for not only this fix but the whole of Invoke!
i dont think they are really related. your issue involves running the server standalone as https. the problem in this issue is that the webclient incorrectly uses insecure URLs when the server is behind a reverse https proxy.
I have the same issue when running this of the reverse proxies It works fine for 2.3.5.post2
I have this issue on v3.0.0+b5 currently, However has affected all V3 releases I have tried. Enabling “Insecure content” from the “site settings” in your browser allows connections for the “localtunnel” reverse proxy. - https://localtunnel.github.io/www/ However NGROK does not work with this workaround.
For a way to test - I am building a google colab project that uses a choice of the two reverse proxys. https://github.com/MikeEmmett/InvokeAI
Errors from the browser console:
NGROK - Insecure content blocked: index-078526aa.js:121 Mixed Content: The page at ‘https://1583-34-171-200-172.ngrok-free.app/’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://1583-34-171-200-172.ngrok-free.app/ws/socket.io/?EIO=4&transport=polling&t=ObA7BOk’. This request has been blocked; the content must be served over HTTPS.
NGROK - Insecure content allowed: Access to XMLHttpRequest at ‘https://1583-34-171-200-172.ngrok-free.app/ws/socket.io/?EIO=4&transport=polling&t=ObA7L0o’ (redirected from ‘http://1583-34-171-200-172.ngrok-free.app/ws/socket.io/?EIO=4&transport=polling&t=ObA7L0o’) from origin ‘https://1583-34-171-200-172.ngrok-free.app’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Localtunnel - Insecure content blocked: Mixed Content: The page at ‘https://funny-chicken-jump.loca.lt/’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://funny-chicken-jump.loca.lt/ws/socket.io/?EIO=4&transport=polling&t=ObA7U1U’. This request has been blocked; the content must be served over HTTPS.
Localtunnel - Insecure content allowed: Mixed Content: The page at ‘https://funny-chicken-jump.loca.lt/’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://funny-chicken-jump.loca.lt/ws/socket.io/?EIO=4&transport=polling&t=ObA7g3K&sid=no8iWN-sf2RRxNFwAAAA’. This content should also be served over HTTPS.