nginx Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure stylesheet

最新推荐文章于 2024-05-26 20:28:23 发布
最新推荐文章于 2024-05-26 20:28:23 发布
阅读量4.9k 收藏 3
点赞数
分类专栏: Java 文章标签: nginx tomcat java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/Loser688/article/details/105361072
版权

今天在用nginx代理tomcat的时候,ssl出现的问题,nginx使用443(https),tomcat使用80(http)。
在重定向时会出现以上问题导致页面资源文件加载不出来。这是因为tomcat不知道nginx发来的是http还是https。
默认情况下,nginx得到的https的访问会以http的方式发给负载的tomcat。

我们先给nginx配置

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

二、tomcat中server.xml 的 engine 模块下

<Valve className="org.apache.catalina.valves.RemoteIpValve"

remoteIpHeader="X-Forwarded-For" protocolHeader="X-Forwarded-Proto"

protocolHeaderHttpsValue="https"/>

这样基本问题就解决了

给nginx和tomcat配置 X-Forwarded-Proto 就是为了正确地识别实际用户发出的协议是 http 还是 https。
X-Forwarded-For 是为了获得实际用户的 IP。

King68800
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Mixed Content: The page at ‘<URL>‘ was loaded over HTTPS, but requested an insecure script ‘<URL>‘.
记录和分享属于我的“IT”时光
05-10 1万+
报错信息: Mixed Content: The page at ‘’ was loaded over HTTPS, but requested an insecure script ‘’. This request has been blocked; the content must be served over HTTPS. 出错原因: 因为谷歌浏览器对于https链接会自动屏蔽不安全的http链接,就是所谓的Mixed ContentHTTPS页面里动态的引入HTTP资源时,比如引入一个js文件,
nginx CA证书配置HTTPS
qq_40095973的博客
03-29 897
server {    listen 443;    server_name eee.top;    ssl on;    root /data/webroot/test;    index index.html index.htm;    ssl_certificate   cert/2.pem;    ssl_certificate_key  cert/244.key;    ssl_sess...
Mixed Content: The page at ‘’ was loaded over HTTPS, but requested an insecure script ‘’. This reque
最新发布
m0_53363112的博客
05-26 291
因为谷歌浏览器对于https链接会自动屏蔽不安全的http链接,就是所谓的Mixed ContentHTTPS页面里动态的引入HTTP资源时,比如引入一个js文件,会被直接block掉的.在HTTPS页面里通过AJAX的方式请求HTTP资源,也会被直接block掉的。
Mixed Content: The page at ‘<URL>‘ was loaded over HTTPS, but requested an insecure frame ‘<URL>‘...
java小白翻身
04-16 8395
在添加了SSL证书的HTTPS中引入用HTTP的链接,就报错,请求协议的不同导致的 所有有关https带有http的文件或者链接例如:images / js等文件都会报请求 “网页的“ < url > ”是通过 HTTPS 加载的,但是请求一个不安全的帧“ < url > ”。此请求已被阻止; 内容必须通过 HTTPS 提供。” 解决方法: 第一种:查看http的文件,放到https路径中,引入方式添加https 第二种 页面的head中加入: <.
错误:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an insecure.
weixin_54197236的博客
08-29 1万+
浏览器Mixed Content问题
Nginx出现The plain HTTP request was sent to HTTPS port问题解决方法
09-30
标题中的"The plain HTTP request was sent to HTTPS port"错误在Nginx服务器配置中是一个常见的问题,通常发生在尝试通过HTTPS(安全的HTTP协议)访问网站时,但Nginx却接收到一个非加密的HTTP请求。这通常是由于...
error: RPC failed; HTTP 413 curl 22 The requested URL returned error: 413 Request Entity Too Large
01-08
git首次提交代码到远程仓库提示413错误,错误信息如下 git push --set-upstream origin master Enumerating objects: 153, done. ... HTTP 413 curl 22 The requested URL returned error: 413 Req
plex-nginx-reverseproxy:配置为服务Plex Media Center https
05-30
最低要求nginx 丛: 远程访问 - 禁用网络 - 自定义服务器访问 URL = https://<your>:443,http://<your>:80 网络 - 安全连接 = 首选。 Note you can force SSL by setting required and not adding the HTTP URL, ...
微信小程序:nginx 设置HTTPS
03-29
程序是NGINX做前段代理,现将NGINX设置HTTPS做个总结 微信小程序需要HTTPS服务,并且有相关要求:  (此图片来源于网络,如有侵权,请联系删除! ) (此图片来源于网络,如有侵权,请联系删除! ) 开发通过...
解决Mixed Content:the page at‘https://‘ was loaded over HTTPS,but requested an insecure resource ‘http
weixin_45816407的博客
05-29 1万+
解决Mixed Content:the page at‘https://’ was loaded over HTTPS,but requested an insecure resource ‘http://’查资料后发现原因是在https中请求http接口或引入http资源都会被直接blocked(阻止),浏览器默认此行为不安全,会拦截。在页面中加上此meta标签,原理是使用META标签强制将http请求转成https(SSL协议)请求。public/index.html里面加入此行代码。
nginx负载均衡中配置tomcat出现跨域的问题
my_interface的博客
10-15 736
1.错误提示问题: 当nginx开启80跳转到443的时候,页面出现这个问题 Mixed Content: The page at 'https://...../#' was loaded over HTTPS, but requested an insecure form action 'http://.../**/**'. This request has been blocked; the content must be served over HTTPS. 2.下图为配置nginx的配置文件.
记录Mixed Content: The page at ‘http://XXX‘ was loaded over HTTPS, but requested an ...
MR_SNAIL的博客
05-07 2041
报错信息 Mixed Content: The page at ‘http://XXX’ was loaded over HTTPS, but requested an insecure script ‘http://XXX’ . This request has been blocked; the content must be served over HTTPS. 报错原因 HTTPS 是 HTTP over Secure Socket Layer,以安全为目标的 HTTP 通道,所以在 HTTPS
was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint
celebrateyang的博客
09-06 1万+
chrome 禁止ajax 请求后端时,进行https检查
https访问后端 vue_Web:前后端http/https跨协议问题
weixin_39765796的博客
12-20 4112
1.问题搭建内部中台时遇到了一个很尴尬的问题:搭建前端使用的vue,然后产出静态文件,用nginx代理到http的地址;搭建后端使用的flask-restful,直接python运行,运行在http的地址;(另外吐槽下,flask-restful真心好用,但是目前资料真的太少,flask的资料多,但是作为初学者,还看不懂TAT)内部地址找运维大大申请了,最终运行在https的地址;问题出现了:前端...
【报错解决】【Vue】与后端交互时,http与https跨域问题
萌狼蓝天の技术栈
06-06 4392
问题 xhr.js:220 Mixed Content: The page at 'https://xxx' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://xxx'. This request has been blocked; the content must be served...
http请求https报错:Mixed Content: The page at ‘xxx‘ was loaded over HTTPS, but requested an insecure...
qq_43654065的博客
05-11 6003
当我们的浏览器出现类似“was loaded over HTTPS, but requested an insecure resource/frame”这种错误是,一般都是因为我们的网站是HTTPS的,而对方的链接是HTTP协议的,因此在Ajax或者javascript请求时,就会报如下这种错误: 具体错误类似如下: Mixed Content: The page at 'xxx' was loaded over HTTPS, but requested an insecure resource '
错误:Mixed Content: The page at 'https://a.b.com/detail?id=5' was loaded over HTTPS, but reque
热门推荐
小单的博客专栏
04-19 4万+
关于这个错误的详细内容为:Mixed Content: The page at 'https://a.b.com/detail?id=5' was loaded over HTTPS, but requested an insecure script 'http://a.b.com/xxxxxxx'. This request has been blocked; the content must b
JS错误:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an insecure 新的问题
简简单单Onlinezuozuo
10-15 3万+
文章目录JS错误:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an insecure 新的问题1、修改nginx 配置参考2、让nginx 携带信息3、修改tomcat 的 Connector 以支持https4、tomcat 配置文件,仅供参考 JS错误:Mixed Content: ...
多个nginx报错9Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure script '<URL>'. This request has been blocked; the content must be served over HTTPS.
06-09
这个错误提示是由于页面使用了 HTTPS 加密协议,但是请求的脚本却使用了 HTTP 协议,因此被浏览器拦截了。为了解决这个问题,你需要将所有的资源都改为使用 HTTPS 协议加载,包括脚本、样式、图片等等。如果你的资源是从外部加载的,需要确保这些外部资源的 URL 也使用了 HTTPS 协议。如果你使用了 Nginx 作为 Web 服务器,可以在配置文件中添加以下代码,将所有 HTTP 请求自动转为 HTTPS 请求: ``` server { listen 80; server_name yourdomain.com; return 301 https://$server_name$request_uri; } ``` 这个配置将所有 HTTP 请求都自动重定向到 HTTPS 请求,确保你的网站使用的是安全的 HTTPS 协议。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值