Getting mixed-content errors even though I’m only using https URLs

断了今生、忘了曾经 提交于 2021-01-28 02:49:59

问题


I'm having the SSL warning messages all over my website after switching to SSL for several assets:

Mixed Content: The page at 'https://example.com' was loaded over HTTPS, but requested an insecure script 'http://example.com/script.js'. This request has been blocked; the content must be served over HTTPS.

  • I checked the page source, every single script/css is requested over https.
  • I even checked the dynamically created html by using the code inspector.
  • I disabled Javascript in case a script was loading these assets dynamically.

None of these things showed a single http:// request. I'm out of ideas to try and find what is causing this. Any ideas or suggestions?


回答1:


When seeing a mixed-content message about a http://example.com/script.js (non-https) URL that doesn’t actually appear anywhere in your sources, the basic strategy to follow is:

  1. Replace the http in the URL with https and put that into the address bar in your browser: https://example.com/script.js
  2. If your browser redirects from that https://example.com/script.js URL back to (non-https) http://example.com/script.js, then you’ve found the cause: example.com/script.js isn’t actually available from an https URL, and ends up getting served from a http URL even though your source is requesting the https URL.


来源:https://stackoverflow.com/questions/42638605/getting-mixed-content-errors-even-though-i-m-only-using-https-urls

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!