I have a ScriptManager in my aspx ASP.NET web page.
If I use the following
<asp:ScriptManager EnablePartialRendering="true" AsyncPostBackTimeOut="300"
ID="ScriptManager1" runat="server" />
I see the following errors in the browser
Uncaught Error: ASP.NET Ajax client-side framework failed to load. Uncaught ReferenceError: Sys is not defined
when I add EnableCdn="true" then I get a warning about the mixed content that reads
HTTPS security is compromised by http://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js ... and by http://ajax.aspnetcdn.com/ajax/4.6/1/MicrosoftAjax.debug.js
Of course if I force loading, it eventually works, but this is very far from ideal.
I also don't understand how the issue has arisen in a porting from Windows Server 2012 to Windows Server 2016 with respective versions of IIS 8 and 10. Apparently, in the original server, the same code works fine - even without EnableCdn="true" - and all those requests seem to be managed in https as expected.
Almost all went well.
What I've done is adding the following lines inside the Global.asax.cs:
protected void Application_Start(object sender, EventArgs e)
{
//....
var defAjaxForms = new ScriptResourceDefinition();
defAjaxForms.CdnPath = "https://ajax.aspnetcdn.com/ajax/4.6/1/MicrosoftAjaxWebForms.debug.js";
defAjaxForms.CdnDebugPath = "https://ajax.aspnetcdn.com/ajax/4.6/1/MicrosoftAjaxWebForms.debug.js";
defAjaxForms.CdnSupportsSecureConnection = true;
defAjaxForms.Path = "~/Scripts/WebForms/MicrosoftAjaxWebForms.debug.js";//local resource
defAjaxForms.DebugPath = "~/Scripts/WebForms/MicrosoftAjaxWebForms.debug.js";
ScriptManager.ScriptResourceMapping.AddDefinition("MicrosoftAjaxWebForms.js", defAjaxForms);
var defAjax = new ScriptResourceDefinition();
defAjax.CdnPath = "https://ajax.aspnetcdn.com/ajax/4.6/1/MicrosoftAjax.js";
defAjax.CdnDebugPath = "https://ajax.aspnetcdn.com/ajax/4.6/1/MicrosoftAjax.js";
defAjax.CdnSupportsSecureConnection = true;
defAjax.Path = "~/Scripts/WebForms/MicrosoftAjax.js";//local resource
defAjax.DebugPath = "~/Scripts/WebForms/MicrosoftAjax.js";
defAjax.LoadSuccessExpression = "window.Sys && Sys._Application && Sys.Observer";
ScriptManager.ScriptResourceMapping.AddDefinition("MicrosoftAjax.js", defAjax);
var defForms = new ScriptResourceDefinition();
defForms.CdnPath = "https://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js";
defForms.CdnDebugPath = "https://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js";
defForms.CdnSupportsSecureConnection = true;
defForms.Path = "~/Scripts/WebForms/WebForms.js";
defForms.DebugPath = "~/Scripts/WebForms/WebForms.js";
defForms.LoadSuccessExpression = "window.Sys && Sys._Application && Sys.Observer";
ScriptManager.ScriptResourceMapping.AddDefinition("WebForms.js", defForms);
}
The only thing that is still KO is the WebForms.js: I'm still getting
... was loaded over HTTPS, but requested an insecure script 'http://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js'. This request has been blocked; the content must be served over HTTPS.
Finally I applied this answer (notice that they define ResourceName and ResourceAssembly instead of Path and DebugPath) with all http:// replaced by https://
You can configure ScriptManager mapping in Code Behind. Something like this. Page_PreRender is good place for it.
Dim def As New ScriptResourceDefinition()
def.CdnPath = "https://ajax.aspnetcdn.com/ajax/4.0/1/MicrosoftAjax.js"
def.CdnDebugPath = "https://ajax.aspnetcdn.com/ajax/4.0/1/MicrosoftAjax.js"
def.CdnSupportsSecureConnection = True
def.Path = "~/js/lib/MicrosoftAjax.js" ''//local resource
def.DebugPath = "~/js/lib/MicrosoftAjax.js"
def.LoadSuccessExpression = "window.Sys && Sys._Application && Sys.Observer"
ScriptManager.ScriptResourceMapping.AddDefinition("MicrosoftAjax.js", def)