为什么通过 HTTP 从 blogger.com 获取 SyntaxHighlighter
Why is SyntaxHighlighter being fetched via HTTP from blogger.com
我将以下 HTML 添加到我的 blogger.com 主题的 head 部分。
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shCore.css' rel='stylesheet' type='text/css'>
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shThemeDefault.css' rel='stylesheet' type='text/css'>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shCore.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushCpp.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushCSharp.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushCss.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushJava.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushJScript.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPhp.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPython.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushRuby.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushSql.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushVb.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushXml.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPerl.js' type='text/javascript'></script>
<script language='javascript'>
SyntaxHighlighter.config.bloggerMode = true;
SyntaxHighlighter.config.clipboardSwf = 'https://alexgorbatchev.com/pub/sh/current/scripts/clipboard.swf';
SyntaxHighlighter.all();
</script>
但是当我通过 HTTP 查看页面时,浏览器告诉我我正在从第二个 HTTPS 页面请求不安全的 HTTP 资源。
https://mrpmorris.blogspot.co.uk/2017/06/loading-assembly-from-specific-path.html
如果我在 Chome 控制台中右键单击 alexgorbatchev link 并且 select Open in new link 它会将我带到一个不安全的页面,如果我将 https:// 添加到url 安全加载的开始。
当标记明确指示 https 时,为什么 Chrome 和 MS Edge 试图通过 http 获取这些资源?
$ curl -I https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPerl.js -k
HTTP/1.1 302 Moved Temporarily
...
Location: http://agorbatchev.typepad.com/pub/sh/3_0_83/scripts/shBrushPerl.js
...
您可以看到它实际上被重定向到 TypePad.com。这背后有一个 "cool" 的故事。在带宽昂贵的黑暗时代,我在这些脚本上获得了 100 GB 的流量,每月的费用开始超过 100 美元。我将文件移至免费托管服务,但我不希望指向 alexgorbatchev.com 的所有现有链接都中断,因此我设置了重定向。
我应该修复重定向以使用与请求相同的协议:)
我的 blog.
也遇到了同样的问题
我替换了下面的代码:
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shCore.css' rel='stylesheet' type='text/css'/>
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shThemeEclipse.css' rel='stylesheet' type='text/css'/>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shCore.js' type='text/javascript'/>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushJava.js' type='text/javascript'/>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushXml.js' type='text/javascript'/>
与下面一个:
<link href='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/styles/shCore.css' rel='stylesheet' type='text/css'/>
<link href='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/styles/shThemeEclipse.css' rel='stylesheet' type='text/css'/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shCore.js' type='text/javascript'/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shBrushJava.js' type='text/javascript'/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shBrushXml.js' type='text/javascript'/>
现在我的博客不再抛出 不安全内容被阻止 的错误。因为现在所有内容都通过 https 提供,而且也是通过世界上最好的 cdn 之一提供的。
我将以下 HTML 添加到我的 blogger.com 主题的 head 部分。
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shCore.css' rel='stylesheet' type='text/css'>
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shThemeDefault.css' rel='stylesheet' type='text/css'>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shCore.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushCpp.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushCSharp.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushCss.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushJava.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushJScript.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPhp.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPython.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushRuby.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushSql.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushVb.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushXml.js' type='text/javascript'></script>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPerl.js' type='text/javascript'></script>
<script language='javascript'>
SyntaxHighlighter.config.bloggerMode = true;
SyntaxHighlighter.config.clipboardSwf = 'https://alexgorbatchev.com/pub/sh/current/scripts/clipboard.swf';
SyntaxHighlighter.all();
</script>
但是当我通过 HTTP 查看页面时,浏览器告诉我我正在从第二个 HTTPS 页面请求不安全的 HTTP 资源。
https://mrpmorris.blogspot.co.uk/2017/06/loading-assembly-from-specific-path.html
如果我在 Chome 控制台中右键单击 alexgorbatchev link 并且 select Open in new link 它会将我带到一个不安全的页面,如果我将 https:// 添加到url 安全加载的开始。
当标记明确指示 https 时,为什么 Chrome 和 MS Edge 试图通过 http 获取这些资源?
$ curl -I https://alexgorbatchev.com/pub/sh/current/scripts/shBrushPerl.js -k
HTTP/1.1 302 Moved Temporarily
...
Location: http://agorbatchev.typepad.com/pub/sh/3_0_83/scripts/shBrushPerl.js
...
您可以看到它实际上被重定向到 TypePad.com。这背后有一个 "cool" 的故事。在带宽昂贵的黑暗时代,我在这些脚本上获得了 100 GB 的流量,每月的费用开始超过 100 美元。我将文件移至免费托管服务,但我不希望指向 alexgorbatchev.com 的所有现有链接都中断,因此我设置了重定向。
我应该修复重定向以使用与请求相同的协议:)
我的 blog.
也遇到了同样的问题我替换了下面的代码:
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shCore.css' rel='stylesheet' type='text/css'/>
<link href='https://alexgorbatchev.com/pub/sh/current/styles/shThemeEclipse.css' rel='stylesheet' type='text/css'/>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shCore.js' type='text/javascript'/>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushJava.js' type='text/javascript'/>
<script src='https://alexgorbatchev.com/pub/sh/current/scripts/shBrushXml.js' type='text/javascript'/>
与下面一个:
<link href='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/styles/shCore.css' rel='stylesheet' type='text/css'/>
<link href='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/styles/shThemeEclipse.css' rel='stylesheet' type='text/css'/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shCore.js' type='text/javascript'/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shBrushJava.js' type='text/javascript'/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shBrushXml.js' type='text/javascript'/>
现在我的博客不再抛出 不安全内容被阻止 的错误。因为现在所有内容都通过 https 提供,而且也是通过世界上最好的 cdn 之一提供的。