link请求不安全的XMLHttpRequest端点 [英] link requested an insecure XMLHttpRequest endpoint

问题描述

我是SSL / https的新手，但最终成功为我的网站创建了一个

解决方案

错误消息非常清楚地解释了它，并告诉您确切需要做些什么来修复它。

混合内容

您正在混合内容（来自HTTPS和HTTP）。

' https://thaihome.co.uk/'

这是你的页面。

通过HTTPS加载

您说是为HTTPS设置的。它现在是HTTPS。

但请求了一个不安全的XMLHttpRequest端点' http://freegeoip.net/json/ 。

你有一些JavaScript使用XMLHttpRequest对象发出HTTP请求。

您要求的网址是 http://freegeoip.net/json/ ，这是不安全的。即它使用HTTP而不是HTTPS。您可以告诉，因为它开始 http：。

此请求已被阻止;

因为它不安全，所以它已被阻止。否则，它会将不安全的内容注入其他安全页面。该页面将不再安全。

内容必须通过HTTPS提供。

您需要通过HTTPS加载它，以便在从HTTPS页面加载它之前它是安全的。

I am pretty new to SSL / https but finally managed to create one for my website

https://thaihome.co.uk

Now the problem is this strange error:

app.7e27c5b6c47cfaa5a0da.js:70 error occured for getting the country from: http://freegeoip.net/json/ {data: null, status: -1, config: {…}, statusText: "", headers: ƒ}
app.7e27c5b6c47cfaa5a0da.js:70 Mixed Content: The page at 'https://thaihome.co.uk/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://freegeoip.net/json/'. This request has been blocked; the content must be served over HTTPS.

And its spitting out the error so fast that the browser almost dies.

What does this mean? and what can I do about fixing it?

解决方案

The error message explains it pretty clearly and tells you exactly what you need to do to fix it.

Mixed Content

You are mixing content (from HTTPS and HTTP).

The page at 'https://thaihome.co.uk/'

This is your page.

was loaded over HTTPS

You said you set it up for HTTPS. It is HTTPS now.

but requested an insecure XMLHttpRequest endpoint 'http://freegeoip.net/json/'.

And you have some JavaScript which is making an HTTP request using the XMLHttpRequest object.

The URL you are requesting is http://freegeoip.net/json/ which isn't secure. i.e. it uses HTTP not HTTPS. You can tell because it starts http:.

This request has been blocked;

Because it is insecure, it has been blocked. Otherwise it would inject insecure content into an otherwise secure page. The page wouldn't be secure any more.

the content must be served over HTTPS.

You need to load it over HTTPS so it is secure before you can load it from your HTTPS page.

这篇关于link请求不安全的XMLHttpRequest端点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！