Help
FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
Khidzir_MN
Staff
Staff

Created on ‎08-24-2025 09:58 PM Edited on ‎08-26-2025 12:18 AM By Community Manager

Article Id 407972

Technical Tip: A workaround for 'Mixed Content' browser error (using FortiADC Content Rewriting)

Description This article provides a workaround for the 'Mixed Content' browser error observed when accessing a website onboarded through FortiADC Virtual Server/
Scope FortiADC and FortiADC-VM
Solution

The 'Mixed Content' browser error is usually due to the respective application code containing resources that use HTTP while the respective website is accessed using HTTPS: Mixed_content

 

Example:

Browser error:

 

mixed_content_error.png

 

Application code:

 

application_code.png

 

Workaround:

The recommended solution is to change the resources in the application code to use HTTPS instead of HTTP.
However, if the application code change is not possible, it is possible to use FortiADC Content Rewriting feature to add 'Content Security Policy' 'upgrade-insecure-requests' as a workaround.

 

Step1: Configure the Content Rewriting to add 'Content Security Policy' 'upgrade-insecure-requests'.

 

content_rewriting_csp.png

 

Step2: Enable and select the Content Rewriting created in Step1 for the respective Virtual Server:

 

vs_config.png

 

Related documents:
Upgrading insecure requests

Using content rewriting rules

Configuring virtual servers
63
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.