Bug summary

When running matplotlib using the webagg backend behind a reverse proxy that adds HTTPS with secure headers like HSTS, the request to the insecure websocket is blocked by the browser with the following error:

Mixed Content: The page at 'https:/<some_website>/' was loaded over HTTPS,  but attempted to connect to the insecure 
WebSocket endpoint 'ws://<some_website>/1/ws'. This request has been blocked; this endpoint must be available over WSS.

Code for reproduction

import matplotlib
import matplotlib.pyplot as plt

matplotlib.use('webagg')

plt.plot(range(10))
plt.show()

Actual outcome

Fails to connect to the websocket with the following message:

Mixed Content: The page at 'https:/<some_website>/' was loaded over HTTPS,  but attempted to connect to the insecure 
WebSocket endpoint 'ws://<some_website>/1/ws'. This request has been blocked; this endpoint must be available over WSS.

Expected outcome

The JavaScript code on the page should check whether the page is being served over HTTPS and if it is, the websocket uri should use wss: instead of ws:.

var uri = "{{ ws_uri }}" + {{ str(fig_id) }} + "/ws";
if (window.location.protocol === 'https:') uri = uri.replace('ws:', 'wss:')
var websocket = new websocket_type(uri);

Additional information

You have to be running this behind a reverse proxy that adds HTTPS and secure headers like HSTS. I'm actually running this behind a .dev domain.

Using Chrome

Operating system

Debian

Matplotlib Version

3.6.3

Matplotlib Backend

webagg

Python version

3.10.1

Jupyter version

No response

Installation

pip