cma*_*tix 11 ssl google-chrome
I having a site that loads perfectly fine in Firefox and IE, but is being blocked by Chrome. Chrome is complaining about mixed mode content, however all resources are accessed by relative URLs within the same domain.
From my understanding, a relative URL should use the same protocol as the "main" page that is being loaded. That being the case I have the following:
<link href="/assets/css/small.css" title="Small" rel="alternate stylesheet" type="text/css" />
<link href="/assets/css/large.css" title="Large" rel="alternate stylesheet" type="text/css" />
两者都是相对URL.当通过HTTPS加载页面时,我从Chrome控制台获取以下内容(我更改了客户端隐私的域名):
[blocked] The page at https://www.example.com/Login/ ran insecure
content from http://www.example.com/assets/css/small.css.
[blocked] The page at https://www.example.com/Login/ ran insecure content from
http://www.example.com/assets/css/large.css.
假设相对URL应该遵守所请求的协议,我错了吗?
更新: 它也阻止.js文件以相同的方式引用:
<script src="/assets/scripts/change-text-size.js" type="text/javascript"></script>
被阻止:
[blocked] The page at https://www.example.com/Login/ ran insecure content from http://www.example.com/assets/scripts/change-text-size.js.
另一个奇怪的事情是,如果我在有问题的页面上查看源代码,我会看到相对的URL,如果我将光标悬停在资源(样式表,.js文件)的"链接"上,工具提示会说它是https:.
更新2: .css文件中没有引用任何内容.以下是上面提到的"small.css"文件的全部内容:
div#content-wrap,
div#content-one-col
{
font-size: 65%;
}
在您的公开示例中,静态资产重定向到 http 版本,导致 Chrome 抱怨。
例如,如果你去https://www.bayerglucofacts.com/assets/css/de-de.css - 你会得到一个 302 重定向到http://www.bayerglucofacts.com/assets/css/de-de.css这给出了错误。
| 归档时间: |
|
| 查看次数: |
4808 次 |
| 最近记录: |