在 HTTPS 承载的页面上不允许出现 http 请求,一旦出现就是提示或报错
This request has been blocked; the content must be served over HTTPS
直接说解决方案:
在HTML层面解决:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"/>
请求层面解决:
header("Content-Security-Policy: upgrade-insecure-requests");
代理层面解决:
nginx:在server模块增加
add_header Content-Security-Policy "upgrade-insecure-requests;connect-src *";