Question posted in 
I am using the below code for redirection, if the user’s country is not India then redirect it else keep on the same page
<script src="https://code.jquery.com/jquery-1.9.1.min.js"></script>
<script type="text/javascript">
function preloadFunc()
{
$.ajax('http://ip-api.com/json')
.then(
function success(response) {
if(response.country!="India")
{window.location.replace("https://www.google.com/");}
}
window.onpaint = preloadFunc();
</script>
3
Answers
What happens when you try to do the http call from an https initiated site:
jquery-1.9.1.min.js:5 Mixed Content: The page at ‘https://******’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://ip-api.com/json’. This request has been blocked; the content must be served over HTTPS.
If you try to use https for this call you get:
jquery-1.9.1.min.js:5 GET https://ip-api.com/json 403 (Forbidden)
and if you try https://ip-api.com/json direct in your browser you get
Incidentally, you also have two JS syntax errors in your code. Here is a corrected version (not that it helps in getting the ip stuff returned over https I’m afraid).
There are two problems:
You cannot make an ajax request using a non-secure method (http) when your page is loaded using a secure method (https). So,if your page is loaded using https, make ajax calls only via https
When doing that, the other problem that occurs is with the security violation that happens when you use
window.location.replace. The replace method rewrites the current page history in the browser and redirects the page. But the limitation is that the origin of the destination should be as same as where the page is served.Use one of the following methods to redirect if you want to navigate away from the current origin.
That endpoint dont support
httpsHit directly and check