javascript ...此内容也应通过 HTTPS 加载
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22196927/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
... this content should also be loaded over HTTPS
提问by Leo Zhang
Good day.
再会。
In my Chrome console, I see this error:
在我的 Chrome 控制台中,我看到此错误:
[blocked] The page at 'https://yandex.st/share/ya-share-cnt.html?url=
https%3A%2F%2Fmult-privet.com%2F&services=yaru,
vkontakte,facebook,twitter,odnoklassniki,moimir'
was loaded over HTTPS, but ran insecure content
from 'http://connect.odnoklassniki.ru/dk?st.cmd=extOneClickLike&uid=odklocs0&
ref=https%3A%2F%2Fmult-privet.com%2F':
this content should also be loaded over HTTPS.
Why should this URI also be loaded over HTTPS ?
为什么这个 URI 也应该通过 HTTPS 加载?
Why am I getting this error, and how do I remove it?
为什么我会收到此错误,以及如何删除它?
回答by Leo Zhang
On the right side of the Chrome address bar, click on the shield icon, then click "Load unsafe script". Done!
在 Chrome 地址栏右侧,点击盾牌图标,然后点击“加载不安全脚本”。完毕!
回答by Quentin
Why this content should also be loaded over HTTPS ?
为什么这个内容也应该通过 HTTPS 加载?
Because:
因为:
- if you have unsecured content being injected into an otherwise secure page, the unsecured content can be intercepted, replaced and thus render the secure content insecure
- the browser can't honestly continue to tell the user that the page is secure when parts of it are not
- 如果您将不安全的内容注入到其他安全的页面中,则可以拦截、替换不安全的内容,从而使安全内容变得不安全
- 当页面的某些部分不安全时,浏览器不能诚实地继续告诉用户该页面是安全的
Tell me please why i get this error
请告诉我为什么我会收到此错误
You are loading HTTP without SSL content into an HTTP with SSL page.
您正在将不带 SSL 内容的 HTTP 加载到带 SSL 的 HTTP 页面中。
and how remove this?
以及如何删除它?
Use HTTPS for everything on the page.
对页面上的所有内容使用 HTTPS。
回答by modulitos
Why you are getting this error
为什么会出现此错误
Quentin's answer explains this pretty well. I would clarify that you are getting a mixed content error.
昆汀的回答很好地解释了这一点。我会澄清您收到了一个混合内容错误。
How to fix this error
如何修复此错误
Although Quentin's answer offers the most ideal fix, it is sometimes more convenient to solve mixed content errors using a protocol-relative URL, where the http[s]?:prefix is removed from the URL. For example, change this:
尽管 Quentin 的回答提供了最理想的解决方法,但有时使用协议相对 URL 解决混合内容错误更方便,其中http[s]?:从 URL 中删除前缀。例如,改变这个:
http://connect.odnoklassniki.ru/dk?st.cmd=extOneClickLike&uid=odklocs0&
ref=https%3A%2F%2Fmult-privet.com%2F
to this:
对此:
//connect.odnoklassniki.ru/dk?st.cmd=extOneClickLike&uid=odklocs0&
ref=https%3A%2F%2Fmult-privet.com%2F
by removing the http:prefix. It will let the browser determine the protocol. When using the protocol relative URL in the above example, if you are on an SSL encrypted page the browser will access the https://connect.odnoklassniki... URL, and on a non-SSL page, it will access the http://connect.odnoklassniki... URL, assuming that both protocols work for the URL.
通过删除http:前缀。它将让浏览器确定协议。在上例中使用协议相对 URL 时,如果您在 SSL 加密页面上,浏览器将访问https://connect.odnoklassniki... URL,而在非 SSL 页面上,它将访问http://connect.odnoklassniki... URL,假设两个协议为 URL 工作。
There are, however, some pitfallsin using protocol-relative URLs, like ensuring that the server behind the URL is capable of serving both httpand httpsprotocols. This SO postaddresses more reasons to use protocol-relative URLs.
但是,使用协议相关的 URL存在一些缺陷,例如确保 URL 背后的服务器能够同时为协议http和https协议提供服务。这篇 SO 帖子解决了使用协议相对 URL 的更多原因。
