ws://over https://- 混合内容 [英] ws:// over https:// - mixed content
问题描述
我在使用 js 应用程序时遇到了问题 - 我通过 https 访问了网站,但我需要通过 ws 连接外部设备 - 这是唯一的选项,该设备可以连接和响应.
I've got trouble with js app - i've got website over https, but i need to connect with external device over ws - this is ONLY option, that this device can connect and response.
我收到错误
Mixed Content:
The page at 'https://(...).html' was loaded over HTTPS,
but attempted to connect to the insecure WebSocket endpoint
'ws://192.168.(...).(...)/(...)'.
This request has been blocked;
this endpoint must be available over WSS.
我怎样才能克服它?是否有一些 CSP-Policy 选项可以避免这种情况?WS 只是连接的选项 - WSS 不是这里的解决方案.
How can i get over it? Is some CSP-Policy option to avoid this? WS is only option to connect - WSS is not a solution here.
推荐答案
您在 HTTPS 页面上的 ws 连接被视为活动的混合内容,并且被大多数浏览器阻止,CSP 无法更改这一点.正如@deceze 建议的那样,接受 WSS 的代理是您的最佳选择.降级到 HTTP 是另一种选择,但不是一个好的选择.
Your ws connection on an HTTPS page is considered active mixed content and is blocked by most browsers, CSP can't change that. As @deceze suggests a proxy accepting WSS is your best option. Downgrading to HTTP is another option, but not a good one.
这篇关于ws://over https://- 混合内容的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!