报错:Mixed Content: The page at 'https://***/login.jsp' was loaded over HTTPS, but requested an ins...

最新推荐文章于 2023-08-29 15:25:26 发布
最新推荐文章于 2023-08-29 15:25:26 发布
阅读量3.1k 收藏 6
点赞数
分类专栏: CA 文章标签: https无法访问静态资源
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/feng2147685/article/details/105247297
版权

集成CA后,项目内的静态资源无法访问。

 

控制台报错如下:

报错信息如下:

1 Mixed Content: The page at 'https://login.jsp' was loaded over HTTPS, but requested an insecure stylesheet 'http://login.css'. This content should also be served over HTTPS.

问题解析:

在使用tomcat+nginx时。Nginx使用https,tomcat使用http。使用iframe之类框架,在重定向时会出现以上问题导致页面加载不出来。这是因为Tomcat不能知道Nginx发来的是http还是https。

让tomcat知道nginx发来的是http还是https。默认情况下,nginx得到的https的访问会以http的方式发给负载的tomcat。

如果让tomcat知道是https的,需要如下配置:

(1)配置 Nginx 的转发选项:

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

 

(2)配置Tomcat server.xml 的 Engine 模块下配置一个 Value: 

<Valve className="org.apache.catalina.valves.RemoteIpValve"

remoteIpHeader="X-Forwarded-For" protocolHeader="X-Forwarded-Proto"

protocolHeaderHttpsValue="https"/>

配置双方的 X-Forwarded-Proto 就是为了正确地识别实际用户发出的协议是 http 还是 https。

X-Forwarded-For 是为了获得实际用户的 IP。

 

问题解决:

 

皮卡丘踢球
关注
  • 0
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
关于Hexo的Mixed Content: The page at ‘<URL>‘ was loaded over HTTPS, but requested an insecure stylesh.
昊月光华的博客
12-17 462
这个问题说明,网站是通过HTTPS进行加载的,HTTPS被认为是安全的,但是网站请求了别的HTTP协议的资源.需要我们把。重新部署解决问题.F12看有没有报错,问题解决.(如下显示连接安全)
was loaded over HTTPS, but requested an insecure错误解决
YHJ
06-12 6万+
当我们的浏览器出现类似“was loaded over HTTPS, but requested an insecure resource/frame”这种错误是,一般都是因为我们的网站是HTTPS的,而对方的链接是HTTP协议的,因此在Ajax或者javascript请求时,就会报如下这种错误: 具体错误类似如下: Mixed Content: The page at 'xxx' was loaded over HTTPS, but requested an insecure resource '
nginx Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure stylesheet
Loser688的博客
04-07 5003
今天在用nginx代理tomcat的时候,ssl出现的问题,nginx使用443(https),tomcat使用80(http)。 在重定向时会出现以上问题导致页面资源文件加载不出来。这是因为tomcat不知道nginx发来的是http还是https。 默认情况下,nginx得到的https的访问会以http的方式发给负载的tomcat。 我们先给nginx配置 proxy_set_header ...
http请求https报错Mixed Content: The page at ‘xxx‘ was loaded over HTTPS, but requested an insecure...
weixin_58215548的博客
11-09 1万+
http请求https报错Mixed Content: The page at ‘xxx‘ was loaded over HTTPS, but requested an insecure...
解决Mixed Content: The page at https://xxx was loaded over HTTPS
qq_42190001的博客
06-20 5万+
解决Mixed Content: The page at 'https://www.testcase.com' was loaded over HTTPS
Mixed Content: The page at ‘https:...‘ was loaded over HTTPS, but requested an insecure script ‘http
baidulixueqin的博客
05-08 1805
今天把个人博客上传github预览时发现样式没了,打开控制台发现请求被拦截。 原因: 浏览器不允许在https页面里嵌入http的请求,现在高版本的浏览器为了用户体验,都不会弹窗报错,只会在控制台上打印一条错误信息。如下图所示: 解决方法 1’ 既然不支持http,那就改为https 2’ 将http自动升级为https 将调用的http请求升级成https请求 <meta http-equiv="Content-Security-Policy" content="upgrade-insecure
Eclipse运行android项目报错Unable to build: the file dx.jar was not loaded from the SDK folder的解决办法
08-26
今天小编就为大家分享一篇关于Eclipse运行android项目报错Unable to build: the file dx.jar was not loaded from the SDK folder的解决办法,小编觉得内容挺不错的,现在分享给大家,具有很好的参考价值,需要的...
https请求报错block:mixed-content问题的解决办法(已解决)
12-21
错误信息是“Mixed Content: The page was loaded over HTTPS,but requested an insecure resource. This request has been blocked; the content must be served over HTTPS。”,意味着页面是通过HTTPS加载的,但...
bpy-3.4.0-cp310-cp310-win-amd64.whl : blender3.4 的api安装包
12-31
Blender has an embedded Python interpreter which is loaded when Blender is started and stays active while Blender is running. This interpreter runs scripts to draw the user interface and is used for ...
harmonyos2-homebridge-legacy-plugins:Homebridge的旧插件:https://github.com/
07-01
Loaded plugin: homebridge-legacy-plugins Registering accessory 'homebridge-legacy-plugins.AD2USB' Registering accessory 'homebridge-legacy-plugins.Carwings' ...many more 那个插件去哪儿了? 随着旧配件...
QT打包之解决MySQL报错:driver not loaded
10-23
解决QT打包MySQL时报错:driver not loaded ,含有分析软件和我用到的dll文件 博客地址:https://blog.csdn.net/qq_36022290/article/details/109245420
错误:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an insecure.
weixin_54197236的博客
08-29 2万+
浏览器Mixed Content问题
解决Mixed Content:the page at‘https://‘ was loaded over HTTPS,but requested an insecure resource ‘http
weixin_45816407的博客
05-29 1万+
解决Mixed Content:the page at‘https://’ was loaded over HTTPS,but requested an insecure resource ‘http://’查资料后发现原因是在https中请求http接口或引入http资源都会被直接blocked(阻止),浏览器默认此行为不安全,会拦截。在页面中加上此meta标签,原理是使用META标签强制将http请求转成https(SSL协议)请求。public/index.html里面加入此行代码。
解决Mixed Content: The page at https://* was loaded over HTTPS, but requested an insecure XMLHttpReque
提笔忘字的帝国
08-02 2万+
Mixed Content: The page at https://* was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint http://*. This request has been blocked; the content must be served over HTTPS以及提示您的连接不是私密连接的解决
nginx代理服务报Mixed Content: The page at ‘https://xxx.com‘ was loaded over HTTPS
Bertram的博客
04-18 6662
使用nginx代理后端服务时出现如下错误: Mixed Content: The page at ‘https://xxx.com’ was loaded over HTTPS, but requested an insecure stylesheet ‘http://xxx.com’. This request has been blocked. the content must be served over HTTPS. 错误原因: nginx代理的https页面中加载的内容使用的http协议导致报
错误:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an insecure........
热门推荐
qq_27114677的博客
09-05 9万+
在使用tomcat+nginx时。Nginx使用https,tomcat使用http。使用iframe之类框架,在重定向时会出现以上问题导致页面加载不出来。这是因为Tomcat不能知道Nginx发来的是http还是https。 让tomcat知道nginx发来的是http还是https。默认情况下,nginx得到的https的访问会以http的方式发给负载的tomcat。 一、如果让t
nginx CA证书配置HTTPS
qq_40095973的博客
03-29 899
server {    listen 443;    server_name eee.top;    ssl on;    root /data/webroot/test;    index index.html index.htm;    ssl_certificate   cert/2.pem;    ssl_certificate_key  cert/244.key;    ssl_sess...
【谷歌浏览器】中(Mixed Content错误,即是https请求http在浏览器中出现的错误)的解决方法
u011238996的博客
02-14 1万+
【谷歌浏览器】中(Mixed Content错误,即是https请求http在浏览器中出现的错误)的解决方法
页面警告 Mixed Content: The page at '~' was loaded over HTTPS, but requested an insecure resource '~'.
骐骥筋力成,志在万里外
03-20 5463
将页面发布到线上时,出现HTTP警告。 原因是因为在https中引入了http的js文件,会被直接block掉的。 解决办法: <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> ...
错误:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an insecure.......
最新发布
12-05
这个错误是由于网页中同时存在HTTP和HTTPS两种不同的资源,浏览器为了保证安全性会阻止加载不安全的HTTP资源。解决这个问题的方法有两种: 1. 将所有的HTTP资源都替换成HTTPS资源,这样就不会存在Mixed Content的问题了。 2. 在网页的头部添加Content-Security-Policy,设置upgrade-insecure-requests,这样浏览器会自动将HTTP请求转换成HTTPS请求,从而避免Mixed Content的问题。 以下是两种解决方法的代码示例: 1. 将所有HTTP资源替换成HTTPS资源 ```html <!-- 替换前 --> <img src="http://example.com/image.jpg"> <!-- 替换后 --> <img src="https://example.com/image.jpg"> ``` 2. 在网页头部添加Content-Security-Policy ```html <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> <title>My Secure Page</title> </head> <body> <!-- Your secure content here --> </body> </html> ```

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

皮卡丘踢球

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值