I am working on a project where I want to control a device from a my a page on my Wordpress website. See the high level design here.
The issue I am running into is with browser security. Since my website is running HTTPS and the Hubitat MakerAPI as my API endpoint is serving HTTP visors to my site will get an error "Mixed Content" security block. This cause the action button I want on the site to fail. I have considered building a proxy to receive the HTTPS and then generate the HTTP but this seems like a lot of work. Maybe I am just lazy. Has anyone else run into this issue and come up with any create ideas to resolved it?
So I can call the cloud API from browser directly, but when I add it into the code on my website and click the button. I am seeing a 403 in the console along with CORS error.
I added the source site URL to CORS in MakerAPI does that update for CORS on the cloud endpoint also ?