在 HTTPS 承载的页面上不允许出现 http 请求,一旦出现就是提示或报错:
This request has been blocked; the content must be served over HTTPS
解决方案:
html:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"/>
php:
header("Content-Security-Policy: upgrade-insecure-requests");
nginx:在server模块增加
add_header Content-Security-Policy "upgrade-insecure-requests;connect-src *";