检测 HTTP 或 HTTPS 然后在 JavaScript 中强制使用 HTTPS
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4723213/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Detect HTTP or HTTPS then force HTTPS in JavaScript
提问by Registered User
Is there any way to detect HTTP or HTTPS and then force usage of HTTPS with JavaScript?
有没有办法检测 HTTP 或 HTTPS,然后强制使用 HTTPS 和 JavaScript?
I have some codes for detecting the HTTP or HTTPS but I can't force it to use https:.
我有一些用于检测 HTTP 或 HTTPS 的代码,但我不能强制它使用https:.
I'm using the window.location.protocolproperty to set whatever the site is to https:then refresh the page to hopefully reload a new https'ed URL loaded into the browser.
我正在使用window.location.protocol属性来设置站点的任何内容,https:然后刷新页面以希望重新加载加载到浏览器中的新的 https 的 URL。
if (window.location.protocol != "https:") {
window.location.protocol = "https:";
window.location.reload();
}
回答by Soumya
Try this
尝试这个
if (location.protocol !== 'https:') {
location.replace(`https:${location.href.substring(location.protocol.length)}`);
}
location.href = blahadds this redirect to the browser history. If the user hits the back button, they will be redirected back to the the same page. It is better to use location.replaceas it doesn't add this redirect to the browser history.
location.href = blah将此重定向添加到浏览器历史记录中。如果用户点击后退按钮,他们将被重定向回同一页面。最好使用location.replace它,因为它不会将此重定向添加到浏览器历史记录中。
回答by sam
Setting location.protocol navigates to a new URL. No need to parse/slice anything.
设置 location.protocol 导航到一个新的 URL。无需解析/切片任何东西。
if (location.protocol !== "https:") {
location.protocol = "https:";
}
Firefox 49 has a bugwhere httpsworks but https:does not. Said to be fixed in Firefox 54.
火狐49有一个错误在那里https工作,但https:没有。据说已在 Firefox 54 中修复。
回答by b1_
It is not good idea because you just temporaryredirect user to https and browser doesn't save this redirect.
这不是一个好主意,因为您只是临时将用户重定向到 https 而浏览器不会保存此重定向。
You describe task for web-server (apache, nginx etc) http 301, http 302
您描述了网络服务器(apache、nginx 等)http 301、http 302 的任务
回答by keirog
How about this?
这个怎么样?
if (window.location.protocol !== 'https:') {
window.location = 'https://' + window.location.hostname + window.location.pathname + window.location.hash;
}
Ideally you'd do it on the server side, though.
不过,理想情况下,您会在服务器端执行此操作。
回答by Steven Penny
if (location.protocol == 'http:')
location.href = location.href.replace(/^http:/, 'https:')
回答by Mikeumus
Not a Javascript way to answer this but if you use CloudFlare you can write page rulesthat redirect the user much faster to HTTPS and it's free. Looks like this in CloudFlare's Page Rules:
不是用 Javascript 的方式来回答这个问题,但如果你使用 CloudFlare,你可以编写页面规则,将用户更快地重定向到 HTTPS,而且它是免费的。在 CloudFlare 的页面规则中看起来像这样:
回答by M.BRAHAM
You can do:
你可以做:
<script type="text/javascript">
if (window.location.protocol != "https:") {
window.location.protocol = "https";
}
</script>
回答by Дмитрий Васильев
Functional way
功能方式
window.location.protocol === 'http:' && (location.href = location.href.replace(/^http:/, 'https:'));
回答by Charles Hamel
I like the answers for this question. But to be creative, I would like to share one more way:
我喜欢这个问题的答案。但为了有创意,我想再分享一种方式:
<script>if (document.URL.substring(0,5) == "http:") {
window.location.replace('https:' + document.URL.substring(5));
}
</script>
回答by Itay Ben Shmuel
You should check this: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
您应该检查一下:https: //developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
Add this metatag to your index.html inside head
将此元标记添加到您的 index.html 内head
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
Hope it helped.
希望它有所帮助。
