Mixed Content: xxx This request has been blocked; the content must be served over HTTPS.

在升级https的过程中,出现如下问题:

Mixed Content: The page at ‘https://www.xxx.com/denglu.html‘ was loaded over HTTPS, but requested an insecure script ‘http://qzonestyle.gtimg.cn/qzone/openapi/qc-1.0.1.js‘. This request has been blocked; the content must be served over HTTPS.

问题抛出:如何在HTTPS 网页中引入HTTP资源: Mixed Content?

问题原因:HTTPS页面里动态的引入HTTP资源,比如引入一个js文件,会被直接block掉的.在HTTPS页面里通过AJAX的方式请求HTTP资源,也会被直接block掉的。

解决方案:

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

可以在相应的页面的<head>里加上这句代码,意思是自动将http的不安全请求升级为https

参考:https://thehackernews.com/2015/04/disable-mixed-content-warning.html

原文地址:https://www.cnblogs.com/joshua317/p/9073633.html

时间: 2024-11-09 09:42:12

Mixed Content: xxx This request has been blocked; the content must be served over HTTPS.的相关文章

在普通网页显示正常,加Https报This request has been blocked; the content must be served over HTTPS.,https网站加载http资源时,http资源被block

解决办法 :在html头加<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">问题解决 原文地址:https://www.cnblogs.com/zhouguomao/p/11450921.html

【Https异常】This request has been blocked; the content must be served over HTTPS

一.问题出现场景 项目从http升级到https后,jsp页面存在发送http请求的情况下就会出现该异常.因为HTTPS 是 HTTP over Secure Socket Layer,以安全为目标的 HTTP 通道,所以在 HTTPS 承载的页面上不允许出现 http 请求. 二.解决办法 在jsp页面中,添加下面的meta头就可以了 <meta http-equiv="Content-Security-Policy" content="upgrade-insecur

This content should also be served over HTTPS

HTTPS 是 HTTP over Secure Socket Layer,以安全为目标的 HTTP 通道,所以在 HTTPS 承载的页面上不允许出现 http 请求,一旦出现就是提示或报错: Mixed Content: The page at 'https://domain.com/w/a?id=074ac65d-70db-422d-a6d6-a534b0f410a4' was loaded over HTTPS, but requested an insecure image 'http:

转载 Mixed Content Page

网站配置了https之后,网页上的百度地图无法正常显示,报错类似于: Mixed Content: The page at 'https://url_1' was loaded over HTTPS, but requested an insecure script 'http://monitor_analytic.js'. This request has been blocked; the content must be served over HTTPS. 原因可能是: 1. HTTPS页

Mixed Content混合内容错误 Iframe Http页面无法访问

问题描述 为通过安全测试, 系统升级为https, 后由于新增了接口(页面集成方式, 即第三方系统某一个界面需要嵌入到我们系统的某个页面中) 采用iframe和重定向方式都报同样的错误, 意思就是我们系统是https, 第三方系统是http, 请求被block了. 下面是chrome报错的内容: Mixed Content: The page at ’ was loaded over HTTPS, but requested an insecure resource ‘xxxxxxxxxxxxx

谈谈HTTP/2对前端的影响【转载】

原文:http://www.peep-squirrel.com/itcontent-2500617.html 随着 HTTP/2 规范的确认,以及主流浏览器(Chrome.Firefox.IE11)对其的全面支持,是时候采用新协议了.看了很多博文跟官方说明,在此做个总结, 为什么要有 HTTP/2 ? HTTP/2给前端带来哪些影响? 减少HTTP请求不一定提升性能 压缩仍然需要 如何使用 HTTP/2 ? 创建证书 搭建服务 验证 如何使用 PUSH ? HTTP/2 部署现状 客户端 服务端

http升级https的时候,遇到一个问题

问题: Mixed Content: The page at 'https://api.xxxx.com/test' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://api.xxxx.com/test'. This request has been blocked; the content must be served over HTTPS. 添加这个: <meta http-equ

跨域请求所遇到的错误

1.Mixed Content: The page at 'https://www.1399p.com/api/kaijiang.html?lottery=pk10,cqssc,xyft&set=pk10&bgcolor=e0e0e0' was loaded over HTTPS, but requested an insecure script 'http://s23.cnzz.com/stat.php?id=5959517&web_id=5959517'. This reque

浏览器警告:provisional headers are shown

今天遇到一个问题,和java小哥哥讨论了一下 https请求http | http请求https 重定向出现的问题 登录过期之后请求后台,浏览器报provisional headers are shown 并且所有的请求都没有请求到后台 原因: 1,后台用的shell自带的filter 过滤器 直接就给了前端302(重定向) 2,前端是https(并且不支持http),然后java内部转发是http请求 然后前端也跟着重定向后台给的location 就会报错 请求不了 解决方案: 1,后台小哥哥