Ajax GET request over HTTPS

You cannot make an AJAX request to an https page if you are currently in http because of the Same Origin Policy.

The host, port and scheme (protocol) must be the same in order for the AJAX request to work.

You can either make sure that the originating page is on the same host and scheme or implement CORS (cross-origin resource sharing) on the target domain to permit this particular request.

[jQuery v. 3.3.1]

I have a web application, where all resources and traffic are via HTTPS.

Yet, I found that I can't send $.ajax() or any of the specific $.get, $.post, etc. due to (Chrome output):

Refused to connect to 'http://mywebapp/api/mycall' because it violates the following Content Security Policy directive: "connect-src 'self'".

It was due to the HTTPS page making the AJAX requests through HTTP and I found no way to force HTTPS.

What is crazy is what fixed it. Calling $.get('/api/mycall/') outputs the above error with "Refused to connect to 'http://mywebapp/api/mycall'", which omits the ending forward slash in the actual call in the code. So from the error it looks as if the forward slash wasn't there.

I have done multiple calls and every single one fails when there is an ending slash in the url being called. The same ones all succeed without one.

So calling $.ajax({ url: '/api/mycall'}) works, whilst $.ajax({ url: '/api/mycall/'}) doesn't.