In this article, we`ll check different approaches to fix the mixed content errors we received in ODOO, served over HTTPS, while connecting with POSBOX. But before starting we need to know some basic terms related to it, lets begin:
What is HTTPS ? What are the benefits of using HTTPS over HTTP ?
When we visit a web page using HTTP protocol, your connection to the website is not secured. Hackers can easily do eavesdropping here, and can stole your data which webpage and your server communicates.
That’s why we have HTTPS protocol, The ‘S’ at the end of HTTPS stands for ‘Secure‘. It means all communications between your browser and the website are encrypted. This keeps your information safe from hackers. HTTPS is extremely important if we are using any payment gateways or other password related things in your websites.
What is “mixed content”?
Mixed content error occurs when we try to access a web page which is on HTTPs but the web page’s source code is also pulling some other resources with the insecure HTTP protocol. In this scenario, browsers display a warning/error message saying that the page has both HTTPS and HTTP content, i.e MIXED CONTENT.
Odoo POSBOX blocked by “Mixed Content” Security Policy
After migrating ODOO from http to https, posbox stopped working we have this mixed content problem which prevents loading http resources from a page served in https. In other words if your point of sale is served over https, browser will block the http connection to the posbox. Error message which we are receiving in browser is something like :
Mixed Content: The page at ‘https://192.168.1.78/pos/web/#action=pos.ui‘ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://192.168.1.93:8069/hw_proxy/hello‘. This request has been blocked; the content must be served over HTTPS. send @ web.assets_common.js:954
There are several approaches to fix this issue, which i `ll explain in this article:
Approach 1: Deactivate mixed content security in your browser. [ Works only with Firefox, No workaround found for Chrome/Safari till date ]
To disable mixed content warnings in Firefox open Firefox, enter about:config into address bar and hit Enter. Using the search box, search for a setting called security.mixed_content.block_active_content. Once you have found it, set it to false.
Unfortunately we can`t disable this security in case of Chrome or Safari, we have to use some other approaches in order to fix this issue.
Approach 2: Serve the point of sale over http. [ Have to compromise with loading some of ODOO data in plain HTTP ]
We can serve our point of sale in plain HTTP, and rest of our ODOO as HTTPS by configuring nginx to only serve the point of sale route
/pos/webin HTTP.Check sample nginx configuration file having this setup, LINK
Approach 3: Migrate POSBOX as well, in HTTPS. [ Best Approach Found till date ]
Install & configure nginx in posbox also, and append https:// with the IP address while configuring in your Point of Sale.
I have created a image having nginx properly installed and configured in it, if someone looking for the same, can use it. what you need to do is :
- Download Image [NEW]ODOO-POSBOX-HTTPS.zip
- Extract it, and burn it in the memory card, same way as you did for original posbox image.
- Run your posbox, if you hit your posbox ip address in browser as : https://<posbox-ip-address> , you`ll see your POSBOX default homepage.
- Put this https://<posbox-ip-address>, in your Point-Of-Sale configuration as:
That`s it…
Thanks for reading this blog !!! I hope it will help someone.
Your opinions, comments and suggestions are important to keep this extension updated and more usefull !!!
52 comments
Thanks
Muchas gracias por sus valiosos comentarios.
¡Manténganse al tanto!
Hello Jorge Saavedra,
Thank you very much for your valuable feedback.
Stay Tuned!
Regards
Anisha Bahukhandi
i am using odoo V10 and the posbox image is not hiting to my ip address (https:// posbox ip address:8069
Drop us a mail at support@webkul or raise a ticket to get better and quick assistance.
Regards
Anisha Bahukhandi
I also added https:// to the KOT printer. Any Advice?
You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ w`ll definately try to help you
Thanks
It seems that you are trying to connect printers on your network to your POS.
As CUPS is entirely a server & that needs a proper setup from scratch including dependencies.
We are also working in the same direction, i.e integrating CUPS, Bluetooth & some other peripherals into POS to connect to external devices.
You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ in case you have similar requirements.
Thanks,
Many thanks for time saved and elegant workaroud.
best regards
The image uses the latest version available from Odoo. So, it should work with Odoo 12.
Try once!!
Thanks,
In order to establish a connection to the POSBox via https, I first have to open the default page of the box via https in the browser I intend to run Odoo POS and accept, that I want to access this address even without a valid SSL certificate. As far as I know, accepting this exception gets reset from time to time by the browser. Is there a possibility to make this permanent? I don’t thnik that it is possible to somehow get a valid certificate for a local IP address.
Thanks
Yes, the script is setup to generate new certs on every boot. The exception should be accepted by browsing the default page once before use.
It’s not possible to get valid certs for a local IP.
Thanks,
You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ for better communication with good response time 🙂
Thanks
also when will the letsencrypt version be available?
Please try newer image uploaded. Earlier, the update wasn’t published on blog properly.
Letsencrypt doesn’t offer certs on IPs(local or Public).
You would be able to use Letsencrypt certs only if you map a public domain to it.
Thanks,
tienen idea si alguna de estas soluciones se ha implementado en la nueva versión del posbox (IOT Box) y ha funcionado?
Gracias.
As the private IP can be different for everybody, the image has been provisioned to read the local IP on every boot & generate self-signed certs for itself. You would then be able to access it over 443(https/SSL).
So you would need to map a static IP to your POS & accept the SSL certs in order to use it over SSL.
Thank you for writing about the different alternatives to solve this issue.
I just tried your new.img by flashing it as the posboxv15.img, however the “new” box does not create a wireless access point. Instead the Posbox Status printed shows two IP adresses 127.0.0.1 and 192.168.1.199.
Then, I connected directly through the ethernet interface to my laptop and I can reach the configuration page through http://192.168.1.199:8069 (not https). I see that I have v17, however, when I go to the WiFi configuration page, there is no neighbouring SSID offered, although the box with the standard image v15 sees, besides mine, all of the multiple neighbouring routers in the vicinity.
Is this an expected behaviour? Am I missing some step in the setup of this special image?
Thanks in advance,
Juan.
You may try our new image. This time it reads the local IP received via DHCP protocol. Browse the IP over https(without 8069).
If you plug in the ethernet cable, all Wi-Fi related functionalities will be disabled as a wired network connection is available.
Thanks,
Indeed what I explained earlier has been experienced with new.img (v17?) and unfortunately there seems to be something wrong with the IP taken by the PosBox (RP3). My systems take an address in 192.168.0.xxx from the router, however the PosBox takes (apparently) the address 192.168.1.199.
The address of the posbox is always the same, independently of turning it on w/o connecting it via cable to the router. When I check my router, then the system is connected, however no IP has been provided to the system. There must be an issue with the DHCP in this image.
Please try newer image uploaded. Earlier, the update wasn’t published on blog properly.
Thanks,
I tried approach number 3! Printing client bill is on! But I can. It print kitchen ticket!
Any idea how to fix it?
Can you elaborate your issue, if possible can you copy-paste the exact error you are getting in browser`s console or in odoo log here.
You may raise a ticket (https://support.uvdesk.com/en/customer/create-ticket/) to better handle your request.
Thanks
To reproduce:
1) Set PosBox IP https://address
2) set Order printer https://address (can be same as above)
[ NOTE, you need to set product category for the printer]
Print bill works, but when you select a product in product category selected in order pinter category > this will make the “Order” button go green > Clicking this should print a KOT slip for the products to be made
Bill printer is fine, but order printout doesnt work
You can create a ticket at https://webkul.uvdesk.com/en/customer/create-ticket/ w`ll definately try to help you
Thanks
I did approach 3! We have posbox in a restaurant so, we have print for kintchen!
So, I can find the posbox with this (https://posbox-up-address)
Put when I enter manually in odoo hardware/proxy material this one (https:// posbox-ip-address ) and same for IP address for kitchen print, doesn’t work!
Any idea from your parte?
Because I don’t understand why hardware don’t work for client ticket and kitchen ticket…
Best regards,
Can you elaborate your issue, if possible can you copy-paste the exact error you are getting in browser`s console or in odoo log here.
You may raise a ticket (https://support.uvdesk.com/en/customer/create-ticket/) to better handle your request.
Thanks
I’m using Apache installed on my cloud server with letsencrypt
can you share the nginx configurations to set it up to the newer version of iot box
Thanks
Please let me know if i can help you anywhere.
Thanks
Thanks
We have downloaed the image from approache2 and burned it on SD card. It s working fine.
But when i shut down the PC or reboot, Odoo doesnt connect automatically to the pos.
Whe have to type https://IP_of_POSBOX and then it conencts..
Do u have any idea?
We are using firefox.
Generally pos automatically searches for any available posbox ip in the network, if you have a static ip of posbox, you can configure it on ODOO, and in place of typing posbox IP manually in the browser, you can click on refresh button on POS itself to search for it.
Please let me know of you have any problem, i`ll share some screenshots then to explain you.
Thanks
It is not working for me without accepting the self-signed certificate after entering the IP address of the POSbox over HTTPS.
Is the solution with Letsencrypt still on a way ?
Yes, I`ll soon update the image as well and my blog.
Thanks for the help. For the third approach, it is not working for me. No way to reach the page over https directly. Certificate are not “safe” because of auto-signed. I need to accept the certificate on https:// before using the POS over HTTPS.
Does a way exist to make that automatically ? Idea of Letsencrypt was a good idea, maybe did you add it now ?
Thanks.
Thanks
can you point out how to do Option 2?
Br,
Egon
Approach 2: In case you are using the Point of Sale module in combination with a POSBox, you must disable the HTTPS configuration for the route /pos/web to avoid mixed-content errors, by modifying nginx configuration file, as:
ADD:
# Redirect POS to http
location ~ ^/pos/web {
rewrite ^(.*) http://$host:8069$1 permanent;
}
and restart nginx
You can also check sample nginx configuration file having this setup from this link :
https://raw.githubusercontent.com/mohitg1213/odoo_scripts/master/odoo-ssl
Thanks
Thanks
ADD:
# Redirect POS to http location ~ ^/pos/web { rewrite ^(.*) http://$host:8069$1 permanent; }
and restart nginx
You can also check sample nginx configuration file having this setup from this link :https://raw.githubusercontent.com/mohitg1213/odoo_scripts/master/odoo-ssl
Thanks
— With Best Regards, Mohit Chandra (WebKul Team)
thank you for your work. This helped me out a lot. Maybe to implement letsencrypt to avoid certification error and consider updating v16 image also up front?
Br,
ER
Para Imprimir en impresora de cocina:
https::443
example:
https://192.168.0.162:443
Thanks to Mohit Chandra Image of Posbox
Kindly elaborate your query so that we can assist you accordingly.
Regards
Anisha Bahukhandi