Blazor WASM - Breakpoints not firing on Client side code - after changing app from HTTPS to HTTP

Robert Salasidis 131 Reputation points
2023-10-09T01:18:12.7966667+00:00

I created the Blazor WASM application in SSL, but then realized that there is no way to mix any API queries with http (they must all be https)

Unfortunately, the application needs to talk to some IOT devices that can only work with http, and there is no way to upgrade them to use https

I then changed the application to http by

commenting out in Server program.cs

//app.UseHttpsRedirection();

//app.UseHsts();

I also removed the https URLs from the launchSettings.json files in both the client and the Server.

In the same files, I also renamed https to http under profiles

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:3898",
      "sslPort": 44322
    }
  },
  "profiles": {
    "http": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
      "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
      "applicationUrl": "http://localhost:5001",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
}

Now, the application launches in http, and the IOT device communicates OK, however, I am not able to do client side debugging of the @code page I did a Clean Build and a rebuild to no effect.

Any ideas?

Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,420 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Bruce (SqlWork.com) 57,886 Reputation points
    2023-10-09T16:51:12.36+00:00

    You are correct, browser security will not allow http calls from content loaded from https. I’d stick with https and proxy to the hosting server to call the IOT devices. This will also handle the case where the IOT device does not support CORS.

    0 comments No comments