{"id":3705,"date":"2019-04-09T01:32:30","date_gmt":"2019-04-08T17:32:30","guid":{"rendered":"http:\/\/gaigaiming.com\/?p=3705"},"modified":"2019-04-09T01:32:30","modified_gmt":"2019-04-08T17:32:30","slug":"https%e9%a1%b5%e9%9d%a2%e5%bc%95%e7%94%a8%e5%a4%96%e9%83%a8http%e6%96%87%e4%bb%b6%e5%87%ba%e7%8e%b0mixed-content","status":"publish","type":"post","link":"https:\/\/www.gaigaiming.com\/index.php\/2019\/04\/09\/https%e9%a1%b5%e9%9d%a2%e5%bc%95%e7%94%a8%e5%a4%96%e9%83%a8http%e6%96%87%e4%bb%b6%e5%87%ba%e7%8e%b0mixed-content\/","title":{"rendered":"HTTPS page referencing an external HTTP file triggers \u201cMixed Content\u201d"},"content":{"rendered":"\n<p class=\"has-background has-light-gray-background-color\">Mixed Content: The page at &#8216;<strong>https:<\/strong>\/\/www.XXXX.com\/&#8217; was loaded over HTTPS, but requested an insecure script &#8216;<strong>http:<\/strong>\/\/libs.baidu.com\/jquery\/1.4.2\/jquery.min.js&#8217;. This request has been blocked; the content must be served over HTTPS.<\/p>\n\n\n\n<p>Just now, while reading a novel, I noticed that the novel site's console reported two errors. On inspection, the cause was that the HTTPS-secured page loaded Baidu's jQuery file over HTTP.<br>http: Hypertext Transfer Protocol<br>https: HTTP with encryption and authentication mechanisms added becomes HTTPS; HTTPS is 2-100 times slower than HTTP<\/p>\n\n\n\n<p>Solutions:<\/p>\n\n\n\n<pre
class=\"wp-block-preformatted\">1. Download the external resources to your own server and serve everything over HTTPS (if what you use is something like an external sharing or mailbox service, this approach is not feasible)<br>2. Add the following to the page head: <code>&lt;meta http-equiv=\"<strong>Content-Security-Policy<\/strong>\" content=\"<strong>upgrade-insecure-requests<\/strong>\"&gt;<\/code><br><br>This converts HTTP requests into HTTPS requests.<\/pre>\n\n\n\n<p>Going further<br><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Content-Security-Policy (CSP, Content Security Policy)<br><br><code>&lt;meta http-equiv=\"content-security-policy\" content=\"policy set 1; policy set 2;\"&gt;<\/code><br><br><code>default-src 'self'; img-src https:\/\/*; child-src 'none';<\/code><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Purpose<\/li><\/ul>\n\n\n\n<ol class=\"wp-block-list\"><li>Uses an allowlist to tell the client (browser) which resources may and may not be loaded.<\/li><li>Content Security Policy (<a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Glossary\/CSP\">CSP<\/a>) is an additional security layer used to detect and mitigate certain types of attacks, including cross-site scripting (<a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Glossary\/XSS\">XSS<\/a>) and data injection attacks. Whether the goal is data theft, site defacement, or malware distribution, these attacks are the primary means.<\/li><\/ol>\n\n\n\n<p>Code inside the content attribute<\/p>\n\n\n\n<p style=\"text-align:left\"><code>upgrade-insecure-requests<\/code>: Instructs the user agent to rewrite URL schemes, changing HTTP to HTTPS. This directive is for websites with large numbers of old URLs that need to be rewritten.<br><code>base-uri<\/code>: Restricts the URLs that can appear in a page's &lt;base&gt; element.<br><code>child-src<\/code>: Lists the URLs for workers and embedded frame contents. For example: child-src <a rel=\"noreferrer noopener\" href=\"https:\/\/youtube.com\" target=\"_blank\">https:\/\/youtube.com<\/a> would enable embedded videos from YouTube but not from other origins. Use this directive in place of the deprecated frame-src directive.<br><code>connect-src<\/code>: Limits the origins that can be connected to (via XHR, WebSockets, and EventSource).<br><code>font-src<\/code>: Specifies the origins that can serve web fonts. Google's web fonts can be enabled via font-src <a rel=\"noreferrer noopener\" href=\"https:\/\/themes.googleusercontent.com\" target=\"_blank\">https:\/\/themes.googleusercontent.com<\/a>.<br><code>form-action<\/code>: Lists the valid endpoints for submission from &lt;form&gt; tags.<br><code>frame-ancestors<\/code>: Specifies the sources that can embed the current page. This directive applies to &lt;frame&gt;, &lt;iframe&gt;, &lt;embed&gt;, and &lt;applet&gt; tags. This directive can't be used in &lt;meta&gt; tags and applies only to non-HTML resources.<br><code>frame-src<\/code>: Deprecated. Use child-src instead.<br><code>img-src<\/code>: Defines the origins from which images can be loaded.<br><code>media-src<\/code>: Restricts the origins allowed to deliver video and audio.<br><code>object-src<\/code>: Allows control over Flash and other plugins.<br><code>plugin-types<\/code>: Limits the kinds of plugins a page may invoke.<br><code>report-uri<\/code>: Specifies a URL to which the browser sends reports when the content security policy is violated. This directive can't be used in &lt;meta&gt; tags.<br><code>style-src<\/code>: The counterpart of script-src for stylesheets.<br><\/p>\n\n\n\n<p>Reference:<br>https:\/\/developer.mozilla.org\/zh-CN\/docs\/Web\/HTTP\/CSP<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mixed Content: The page at &#8216;https:\/\/www.XXXX.com\/
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-3705","post","type-post","status-publish","format-standard","hentry","category-4"],"_links":{"self":[{"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/posts\/3705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/comments?post=3705"}],"version-history":[{"count":0,"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/posts\/3705\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/media?parent=3705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/categories?post=3705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gaigaiming.com\/index.php\/wp-json\/wp\/v2\/tags?post=3705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}