通过HTTPS加载页面但请求不安全的XMLHttpRequest端点 [英] Page loaded over HTTPS but requested an insecure XMLHttpRequest endpoint

问题描述

我有一个带有一些D3 javascript的页面。此页面位于HTTPS网站内，但证书是自签名的。

I have a page with some D3 javascript on. This page sits within a HTTPS website, but the certificate is self-signed.

当我加载页面时，我的D3可视化不显示，我收到错误：

When I load the page, my D3 visualisations do not show, and I get the error:

混合内容：' https://integration.jsite.com/data/vis '是通过HTTPS加载的，但是请求了一个不安全的XMLHttpRequest端点' http://integration.jsite.com/data/rdata.csv '。此请求已被阻止;内容必须通过HTTPS提供。

Mixed Content: The page at 'https://integration.jsite.com/data/vis' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://integration.jsite.com/data/rdata.csv'. This request has been blocked; the content must be served over HTTPS.

我做了一些研究，我发现JavaScript将使用相同的协议进行调用页面已加载。因此，如果页面是通过 https 加载的，则还应通过 https rdata.csv c>，而是请求 http 。

I did some research and all I found what the JavaScript will make the call with the same protocol that the page was loaded. So if page was loaded via https then the rdata.csv should also have been requested via https, instead it is requested as http.

这是因为证书是在服务器上自签名的？除了安装真正的SSL证书之外，我还能做些什么呢？

Is this because the certificate is self-signed on the server? What I can do to fix this, other than installing a real SSL certificate?

推荐答案

我是什么可以解决这个问题（除了安装真正的SSL证书）。

What I can do to fix this (other than installing a real SSL certificate).

你不能。

在https网页上，您只能向https网页发出AJAX请求（使用浏览器信任的证书，如果您使用自签名证书，则无法使用为您的访客）

On an https webpage you can only make AJAX request to https webpage (With a certificate trusted by the browser, if you use a self-signed one, it will not work for your visitors)

这篇关于通过HTTPS加载页面但请求不安全的XMLHttpRequest端点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！