如何在https网站上的iframe中允许http内容 [英] How to allow http content within an iframe on a https site
问题描述
我将一些HTML加载到iframe中,但是当引用的文件使用http而不是https时,出现以下错误:
[blocked] {current_pagename}中的页面从{referenced_filename}运行不安全的内容
有什么方法可以关闭此功能或以任何方式以避开它?
iframe没有 src 属性,其内容使用以下内容设置:
frame.open();
frame.write(html);
frame.close();
基于这个问题的一般性,我认为,您需要在一些在线服务器上设置您自己的HTTPS代理。执行以下步骤:
$ b
- 准备您的代理服务器 - 安装IIS,Apache
- 获取有效的SSL证书以避免安全错误(例如,免费从startssl.com获得)
- 编写一个包装器,它将下载不安全的内容(如何在下面)从您的网站/应用获取 https://yourproxy.com/?page=http://insecurepage.com <如果您只是通过file_get_contents或通过类似方式下载远程站点内容,则仍然可能存在不安全的内容链接。你必须用正则表达式找到它们,并且替换它。图像很难解决,但Ï找到解决方法在这里: http://foundationphp.com/tutorials/image_proxy.php
I load some HTML into an iframe but when a file referenced is using http, not https, I get the following error:
[blocked] The page at {current_pagename} ran insecure content from {referenced_filename}
Is there any way to turn this off or any way to get around it?
The iframe has no
srcattribute and the contents are set using:frame.open(); frame.write(html); frame.close();解决方案Based on generality of this question, I think, that you'll need to setup your own HTTPS proxy on some server online. Do the following steps:
- Prepare your proxy server - install IIS, Apache
- Get valid SSL certificate to avoid security errors (free from startssl.com for example)
- Write a wrapper, which will download insecure content (how to below)
- From your site/app get https://yourproxy.com/?page=http://insecurepage.com
If you simply download remote site content via file_get_contents or similiar, you can still have insecure links to content. You'll have to find them with regex and also replace. Images are hard to solve, but Ï found workaround here: http://foundationphp.com/tutorials/image_proxy.php
这篇关于如何在https网站上的iframe中允许http内容的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
