Chrome浏览器阻止XHR响应,因为混合内容问题(http / https) [英] XHR response blocked by Chrome, because of mixed content issue (http/https)
问题描述
我目前正在使用jQuery AJAX来获取相对URL,前面没有方案/域(例如'/ js / get_international_popup /')。在我返回之前查看我的位置标题时,响应也是一个相对URL
当我通过HTTP在本地进行测试时,一切正常,但是,一旦我在实时服务器上测试它,通过HTTPS,响应被阻止Chrome,因为它表示它不安全:
混合内容: https://example.com/ '通过HTTPS加载,但请求不安全的XMLHttpRequest端点' http://example.com/js/get_international_popup/ '。此请求已被阻止;内容必须通过HTTPS提供。
从Chrome的角度来看,我的本地测试请求/响应是通过HTTP进行的,但是我的实时测试请求经过了H TTPS并获得了HTTP响应。如果我使用绝对URL(包括 https:// domain )一切似乎都正常,但我更喜欢不使用绝对URL。
有谁知道是否有一种方法可以使用相对URL来解决这个问题?解析方案
b
$ b
var relative_url ='/ js / get_international_popup /';
var absolute_url = window.location.origin + relative_url;
$ .ajax(absolute_url,function(){});
Ref:
http://www.w3schools.com/jsref/prop_loc_origin.asp
注意:
未经测试
I'm currently using jQuery AJAX to GET a relative URL, without scheme/domain in front of it (e.g. '/js/get_international_popup/'. The response is also a relative URL when I view my location header before I return it.
When I test this locally, over HTTP, everything works as it should. However, once I test it on my live server, over HTTPS the response is blocked by Chrome, because it says it's insecure:
Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://example.com/js/get_international_popup/'. This request has been blocked; the content must be served over HTTPS.
From Chrome's viewpoint, my local test request/response went over HTTP, but my live test request went over HTTPS and got an HTTP response. I am unable to view Chrome's response on the live server, because it is blocked.
If I return a response with an absolute URL (including https://domain) everything seems to work fine, but I prefer not to use absolute URLs.
Does anyone know if there's a way to fix this issue using relative URLs?
prepend this using javascript:
var relative_url = '/js/get_international_popup/';
var absolute_url = window.location.origin + relative_url;
$.ajax(absolute_url, function(){});
Ref: http://www.w3schools.com/jsref/prop_loc_origin.asp
Note: Not tested
这篇关于Chrome浏览器阻止XHR响应,因为混合内容问题(http / https)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!