我正在设置我的第一个 HAProxy 反向代理服务器。它将成为从不同服务器在 tomcat 上运行的 HTML5 应用程序的代理。我能够让它通过 HTTP 代理出去,将所有请求重定向到 HTTPS,并实现 HSTS。但是,这样做之后我意识到它也尝试加载 websocket 连接。问题是它加载的 websocket 连接是不安全的 (ws://) 和不安全的 (wss://)。当然,Chrome(可能还有多个浏览器)会抱怨通过安全连接加载不安全的脚本。这是我得到的错误:
Connecting via WebSocket using url ws://website.domain.com:9091/webclient/
Mixed Content: The page at 'https://website.domain.com/webclient/' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://website.domain.com:9091/webclient/'. This request has been blocked; this endpoint must be available over WSS.
Caught WebSocket error: SecurityError: Failed to construct 'WebSocket': An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.
所有这些都由 /webclient/script/ajaxclient.js:210 …