iframe 加载相对 url 作为 http 即使父 url 加载了 https
iframe loads relative url as http even though the parent url was loaded with https
我在浏览器控制台中收到此错误:
Mixed Content: The page at
'https://async-java.github.io' was loaded over HTTPS, but
requested an insecure resource 'http://async-java.github.io/v/0.1.2/'.
This request has been blocked; the content must be served over HTTPS.
我的 iframe 正在加载:
<iframe id="main-iframe" src="v/0.1.2" width="100%" height="100%"></iframe>
有没有办法强制它使用 https 而不必使用绝对 URL?相对 url 更方便,因为它适用于 localhost 等
我找到了这个答案,它说要使用:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
适用于此用例。有关详细信息,请参阅:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
我在浏览器控制台中收到此错误:
Mixed Content: The page at 'https://async-java.github.io' was loaded over HTTPS, but requested an insecure resource 'http://async-java.github.io/v/0.1.2/'. This request has been blocked; the content must be served over HTTPS.
我的 iframe 正在加载:
<iframe id="main-iframe" src="v/0.1.2" width="100%" height="100%"></iframe>
有没有办法强制它使用 https 而不必使用绝对 URL?相对 url 更方便,因为它适用于 localhost 等
我找到了这个答案,它说要使用:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
适用于此用例。有关详细信息,请参阅: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests