在 HTTPS 承载的页面上不允许出现 http 请求
在 HTTPS 承载的页面上不允许出现 http 请求,一旦出现就是提示或报错:
This request has been blocked; the content must be served over HTTPS解决方案
html:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"/>php:
header("Content-Security-Policy: upgrade-insecure-requests");nginx:
在server模块增加
add_header Content-Security-Policy "upgrade-insecure-requests;connect-src *";