资源不会自动从HTTPS加载 - SecuritySwitch [英] Resources not automatically loaded from Https - SecuritySwitch

问题描述

我是从旧SecureWebPages，它通过自动web.config中的HTTP和HTTPS内容之间的切换升级。

I am upgrading from the old SecureWebPages that automates the switching between Http and Https content via web.config.

有关一些奇怪的原因，其内容如下：

For some strange reason, having contents like:

<link type="text/css" href="assets/css/style.css" rel="stylesheet" />

不再自动从相应的HTTPS位置加载。谷歌浏览器的控制台显示我：

no longer automatically loads from the appropriate https location. The console in Google Chrome shows me this:

The page at https://website.com/UserAccess.aspx ran insecure content from http://website.com/assets/css/style.css.

当我使用的是旧SecureWebPages这种现象并不存在。在过去，上述CSS声明没有任何错误，工作正常。

This behavior didn't exist when I was using the older SecureWebPages. In the past the above CSS statement works fine without any errors.

我的web.config：

My web.config:

<securitySwitch mode="RemoteOnly">
<paths>
  <add path="~/Register.aspx"/>
  <add path="~/SSL.Master"/>
</paths>

这有什么错我的配置？请建议。谢谢！

Is there anything wrong with my configurations? Please advise. Thanks!

推荐答案

您需要告诉SecuritySwitch忽略你的CSS文件夹甚至整个资产文件夹，如果它包含图像等为好。以下是你可以添加到securitySwitch部分资产文件夹的路径。

You need to tell SecuritySwitch to ignore your CSS folder, or even your entire Assets folder if it contains images and the like as well. Here is a path you can add to the securitySwitch section for the assets folder.

<securitySwitch mode="RemoteOnly">
<paths>
  <add path="~/Register.aspx"/>
  <add path="~/assets/" security="Ignore"/>
</paths>
</securitySwitch>

这将告诉SecuritySwitch忽略它下面的资产文件夹等等，应有尽有。另外，你的主文件路径什么也不做，因为的.master文件永远不会投放给浏览器。

This will tell SecuritySwitch to ignore the assets folder, and everything under it. Also, your path for the master file does nothing, since .master files are never served to a browser.

我希望这有助于！

这篇关于资源不会自动从HTTPS加载 - SecuritySwitch的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！