javascript Deezer 内容通过 HTTP 提供
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/27965975/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Deezer content is served over HTTP
提问by user2700047
I am using Deezer Javascript SDK and loaded it over https.
我正在使用 Deezer Javascript SDK 并通过 https 加载它。
<script src="https://cdns-files.deezer.com/js/min/dz.js"></script>
But from today Chrome and Firefox has problem, because Deezer SDK loading some script over https and Chrome rejected as insecure content.
但是从今天开始,Chrome 和 Firefox 出现了问题,因为 Deezer SDK 通过 https 加载了一些脚本,Chrome 被拒绝为不安全的内容。
Chrome console:
铬控制台:
Mixed Content: The page at 'https://....' was loaded over HTTPS, but requested an insecure script 'http://www.deezer.com/js_trad-v00340851.php?l=cs'. This request has been blocked; the content must be served over HTTPS. playerBB.php:1 Mixed Content: The page at 'https://....' was loaded over HTTPS, but requested an insecure script 'http://cdn-files.deezer.com/js/min/core-v00340851.js'. This request has been blocked; the content must be served over HTTPS. playerBB.php:1 Mixed Content: The page at '...' was loaded over HTTPS, but requested an insecure script 'http://cdn-files.deezer.com/js/min/live-v00340851.js'. This request has been blocked; the content must be served over HTTPS.
混合内容:“https://....”页面已通过 HTTPS 加载,但请求了不安全的脚本“ http://www.deezer.com/js_trad-v00340851.php?l=cs”。此请求已被阻止;内容必须通过 HTTPS 提供。playerBB.php:1 混合内容:“https://....”页面已通过 HTTPS 加载,但请求了不安全的脚本“ http://cdn-files.deezer.com/js/min/core- v00340851.js'。此请求已被阻止;内容必须通过 HTTPS 提供。playerBB.php:1 混合内容:“...”处的页面已通过 HTTPS 加载,但请求了不安全的脚本“ http://cdn-files.deezer.com/js/min/live-v00340851.js”。此请求已被阻止;内容必须通过 HTTPS 提供。
回答by Andrew Dunai
This happens when your page and remote resource are using different HTTPprotocols: one uses HTTPand another uses HTTPS.
当您的页面和远程资源使用不同的HTTP协议时会发生这种情况:一个使用HTTP另一个使用HTTPS。
The preferred way to include third-party scripts is this one:
包含第三方脚本的首选方法是这种:
<script src="//cdns-files.deezer.com/js/min/dz.js"></script>
Removing https:or http:tells browser to load the document using same protocol as current page. This should eliminate security warnings.
删除https:或http:告诉浏览器使用与当前页面相同的协议加载文档。这应该消除安全警告。
回答by Java Basketball
when i set the url :
<a href="http://127.0.0.1:8080/download/1.txt"></a>from a https request, it report error :
Mixed Content: The page at 'https://127.0.0.1/index.html'was loaded over HTTPS, but requested an insecure resource 'http://127.0.0.1:8080/download/1.txt'.
This request has been blocked; the content must be served over HTTPS.
Failed to load resource: net::ERR_CACHE_MISS
当我<a href="http://127.0.0.1:8080/download/1.txt"></a>从 https 请求设置 url 时
,它报告错误:混合内容:页面'https://127.0.0.1/index.html'已通过 HTTPS 加载,但请求了不安全的资源'http://127.0.0.1:8080/download/1.txt'。此请求已被阻止;内容必须通过 HTTPS 提供。无法加载资源:net::ERR_CACHE_MISS
when i added the target="_blank"to the url: <a target="_blank" href="http://127.0.0.1:8080/download/1.txt">, it works! , it works!
it's well known that target="_blank"means opening the linked document in a new window or tab or a new request!
当我添加target="_blank"到 url: 时<a target="_blank" href="http://127.0.0.1:8080/download/1.txt">,它起作用了!, 有用!众所周知,这target="_blank"意味着在新窗口或选项卡或新请求中打开链接文档!
