久成视频在线观看免费-先锋影音资源影音中在线不卡-久久精品—区二区三区美女-久久国产免费一区二区三区

<track id="icesm"></track>
      

      3. 

    3. 

      

      

      


      


      

      


      

      龍巖易富通網(wǎng)絡(luò)科技有限公司
      

      龍巖小程序開發(fā),龍巖分銷系統(tǒng)
      


      


      

      

      

      

      
      
      NGINX下升級HTTPS錯誤:Mixed Content: The page at ‘https://XXX’ was loaded over HTTPS, but requested an ins
      
      
      
        2020.04.06 | 2395閱讀 | 0條評論 | 服務(wù)器配置 
		
      
		
      
  
      提示或報錯:

      Mixed Content: The page at 'https://www.example.com' was loaded over HTTPS, but requested an insecure image ‘http://static.example.com/test.jpg’. This content should also be served over HTTPS.
      首先,為了解決樣式問題,我在前端頁面,引入了一個meta

      <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests" />
      等效于用PHP設(shè)置頭部

      header("Content-Security-Policy: upgrade-insecure-requests");
      這樣導(dǎo)致了一個問題,我的測試環(huán)境下并沒有ssl證書,因此又冒出很多問題。

      后面在nginx上做處理。一個nginx的配置

      server {
              listen       443;
              server_name  www.example.com;
              #charset koi8-r;

              error_log  /logs/nginx/error.log;
              root /var/www/www.example.com;
              index  index.php index.html index.htm;
              ssl on;
              ssl_certificate   cert/test/test.pem;
              ssl_certificate_key  cert/test/test.key;
              ssl_session_timeout 5m;
              ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
              ssl_prefer_server_ciphers on;

              add_header  X-Frame-Options  deny;
              add_header  X-Content-Type-Options  nosniff;
              add_header  X-XSS-Protection "1; mode=block";
              add_header Strict-Transport-Security max-age=86400;
              add_header Content-Security-Policy "upgrade-insecure-requests;default-src *;script-src 'self' https://static.example.com http://static.example.com 'unsafe-inline' 'unsafe-eval';style-src https://static.example.com http://static.example.com 'self' 'unsafe-inline';frame-src 'self';connect-src 'self';img-src https://static.example.com http://static.example.com data: blob: 'self'";

              location / {
                      if (!-f $request_filename){
                              rewrite ^/(.*)$ /index.php?s=$1 last;
                              break;
                      }
                      limit_except GET POST DELETE PUT {
                              deny all;
                      }
              }


              error_page   500 502 503 504  /50x.html;
              location = /50x.html {
                              root   html;
              }

              # proxy the PHP scripts to Apache listening on 127.0.0.1:80
              #
              #location ~ \.php$ {
              #    proxy_pass   http://127.0.0.1;
              #}

              # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
              #
              location ~ \.php$ {
                              fastcgi_pass   127.0.0.1:9000;
                              fastcgi_index  index.php;
                              fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                              include        fastcgi_params;
              }

              # deny access to .htaccess files, if Apache's document root
              # concurs with nginx's one
              #
              location ~ /\.ht {
                              deny  all;
              }
      }
      

      

      
	贊 (
	
      
	
      
             
                   
                
      

      

      發(fā)表評論