报错:This request has been blocked; the content must be served over HTTPS,如下图:
问题原因:HTTPS页面里动态的引入了HTTP资源,比如引入一个js文件,会被直接block掉的.在HTTPS页面里通过AJAX的方式请求HTTP资源,也会被直接block掉。
解决方法一:(没试过,要改的页面太多了,没有使用该方法)
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
可以在相应的页面的<head>里加上这句代码,意思是自动将http的不安全请求升级为https
解决方法二:修改 nginx 的 proxy 配置部分
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header Content-Security-Policy upgrade-insecure-requests; #自动升级请求,加载 http 资源时自动替换成 https 请求 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
/opt/nginx/sbin/nginx -s reload 即可
标签:Control,http,header,add,https,页面 From: https://www.cnblogs.com/dannylinux/p/18356879