资源不会自动从HTTPS加载 - SecuritySwitch [英] Resources not automatically loaded from Https - SecuritySwitch
问题描述
我是从旧SecureWebPages,它通过自动web.config中的HTTP和HTTPS内容之间的切换升级。
I am upgrading from the old SecureWebPages that automates the switching between Http and Https content via web.config.
有关一些奇怪的原因,其内容如下:
For some strange reason, having contents like:
<link type="text/css" href="assets/css/style.css" rel="stylesheet" />
不再自动从相应的HTTPS位置加载。谷歌浏览器的控制台显示我:
no longer automatically loads from the appropriate https location. The console in Google Chrome shows me this:
The page at https://website.com/UserAccess.aspx ran insecure content from http://website.com/assets/css/style.css.
当我使用的是旧SecureWebPages这种现象并不存在。在过去,上述CSS声明没有任何错误,工作正常。
This behavior didn't exist when I was using the older SecureWebPages. In the past the above CSS statement works fine without any errors.
我的web.config:
My web.config:
<securitySwitch mode="RemoteOnly">
<paths>
<add path="~/Register.aspx"/>
<add path="~/SSL.Master"/>
</paths>
这有什么错我的配置?请建议。谢谢!
Is there anything wrong with my configurations? Please advise. Thanks!
推荐答案
您需要告诉SecuritySwitch忽略你的CSS文件夹甚至整个资产文件夹,如果它包含图像等为好。以下是你可以添加到securitySwitch部分资产文件夹的路径。
You need to tell SecuritySwitch to ignore your CSS folder, or even your entire Assets folder if it contains images and the like as well. Here is a path you can add to the securitySwitch section for the assets folder.
<securitySwitch mode="RemoteOnly">
<paths>
<add path="~/Register.aspx"/>
<add path="~/assets/" security="Ignore"/>
</paths>
</securitySwitch>
这将告诉SecuritySwitch忽略它下面的资产文件夹等等,应有尽有。另外,你的主文件路径什么也不做,因为的.master文件永远不会投放给浏览器。
This will tell SecuritySwitch to ignore the assets folder, and everything under it. Also, your path for the master file does nothing, since .master files are never served to a browser.
我希望这有助于!
这篇关于资源不会自动从HTTPS加载 - SecuritySwitch的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!