I have one issue below:
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint '.php'. This request has been blocked; the content must be served over HTTPS.
It's work fine when request from '' to '.php'
I have one issue below:
Mixed Content: The page at 'https://example.' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://api.example./api/demo.php'. This request has been blocked; the content must be served over HTTPS.
It's work fine when request from 'https://example.' to 'http://api.example./api/demo.php'
Share edited Sep 19, 2017 at 14:31 Cœur 38.8k25 gold badges206 silver badges278 bronze badges asked Sep 20, 2015 at 5:12 Phan ThinhPhan Thinh 1051 gold badge1 silver badge8 bronze badges1 Answer
Reset to default 4This is a mixed content warning and is a bad practice. See below from mozilla
When a user visits a page served over HTTPS, their connection with the web server is encrypted with TLS and hence safeguarded from sniffers and man-in-the-middle attacks.
If the HTTPS page includes content retrieved through regular, cleartext HTTP, then the connection is only partially encrypted: the unencrypted content is accessible to sniffers and can be modified by man-in-the-middle attackers, and therefore the connection is not safeguarded anymore. When a webpage exhibits this behavior, it is called a mixed content page.
You should either;
- Modify to use the https endpoint or
- proxy the request as https.
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1744862493a4597783.html
评论列表(0条)