Setting favicon in FastAPI over https
Question:
I have deployed an API on a Ubuntu server and set-up Nginx and SSL so that all requests are made through https.
In FastAPI, I have set a favicon route to set the favicon for the site and this works during development, however in production I get the following error message in the browser console:
Mixed Content: The page at 'https://thefootballdata.com/' was loaded over HTTPS, but requested an insecure favicon 'http://thefootballdata.com/favicon.ico/'. This request has been blocked; the content must be served over HTTPS.
This is the code that I am using as a route for the favicon:
from fastapi import APIRouter
from fastapi.responses import FileResponse
router = APIRouter(prefix="/favicon.ico")
favicon_path = "./static/images/favicon/ball.ico"
@router.get("/", include_in_schema=False)
def favicon():
return FileResponse(favicon_path)
Answers:
When you include the / and the end of a route path, FastAPI adds a redirect if the same path is requested without the ending slash (so /users gets redirected to /users/ if you’ve registered /users/).
In this case you’ve added @router.get("/") which means a path ending with / under the base path you’ve given when creating APIRouter. Since this issues a redirect, and FastAPI doesn’t have information about the request being a https request (probably missing headers, hard to say), the redirect is issued with an http address instead.
Removing / from the route solves the issue:
@router.get("", include_in_schema=False)
def favicon():
return FileResponse(favicon_path)
I have deployed an API on a Ubuntu server and set-up Nginx and SSL so that all requests are made through https.
In FastAPI, I have set a favicon route to set the favicon for the site and this works during development, however in production I get the following error message in the browser console:
Mixed Content: The page at 'https://thefootballdata.com/' was loaded over HTTPS, but requested an insecure favicon 'http://thefootballdata.com/favicon.ico/'. This request has been blocked; the content must be served over HTTPS.
This is the code that I am using as a route for the favicon:
from fastapi import APIRouter
from fastapi.responses import FileResponse
router = APIRouter(prefix="/favicon.ico")
favicon_path = "./static/images/favicon/ball.ico"
@router.get("/", include_in_schema=False)
def favicon():
return FileResponse(favicon_path)
When you include the / and the end of a route path, FastAPI adds a redirect if the same path is requested without the ending slash (so /users gets redirected to /users/ if you’ve registered /users/).
In this case you’ve added @router.get("/") which means a path ending with / under the base path you’ve given when creating APIRouter. Since this issues a redirect, and FastAPI doesn’t have information about the request being a https request (probably missing headers, hard to say), the redirect is issued with an http address instead.
Removing / from the route solves the issue:
@router.get("", include_in_schema=False)
def favicon():
return FileResponse(favicon_path)