ws://over https://- 混合内容 [英] ws:// over https:// - mixed content

问题描述

我在使用 js 应用程序时遇到了问题 - 我通过 https 访问了网站，但我需要通过 ws 连接外部设备 - 这是唯一的选项，该设备可以连接和响应.

I've got trouble with js app - i've got website over https, but i need to connect with external device over ws - this is ONLY option, that this device can connect and response.

我收到错误

Mixed Content: 
The page at 'https://(...).html' was loaded over HTTPS, 
but attempted to connect to the insecure WebSocket endpoint 
'ws://192.168.(...).(...)/(...)'. 
This request has been blocked; 
this endpoint must be available over WSS.

我怎样才能克服它?是否有一些 CSP-Policy 选项可以避免这种情况?WS 只是连接的选项 - WSS 不是这里的解决方案.

How can i get over it? Is some CSP-Policy option to avoid this? WS is only option to connect - WSS is not a solution here.

推荐答案

您在 HTTPS 页面上的 ws 连接被视为活动的混合内容，并且被大多数浏览器阻止，CSP 无法更改这一点.正如@deceze 建议的那样，接受 WSS 的代理是您的最佳选择.降级到 HTTP 是另一种选择，但不是一个好的选择.

Your ws connection on an HTTPS page is considered active mixed content and is blocked by most browsers, CSP can't change that. As @deceze suggests a proxy accepting WSS is your best option. Downgrading to HTTP is another option, but not a good one.

这篇关于ws://over https://- 混合内容的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！