3
我的應用程序使用Flask-Socketio,Flask和nginx。我在一篇文章中讀到,所有HTTP到HTTPS的處理都必須在Web Server級別完成,而不是在Application Server級別完成。我使用rewrite屬性將所有HTTP請求重定向爲HTTPS請求。這與靜態頁面成功工作。但是,當我嘗試加載動態內容時,出現錯誤,提示The page at 'https://localhost/myLoc' was loaded over HTTPS, but displayed insecure content from 'http://localhost/myLoc/more/paths?t=1390397': this content should also be loaded over HTTPS.。如何使用Flask,Flask-SocketIO和nginx實現SSL(http to https)
而且我得到這個錯誤也XMLHttpRequest cannot load http://localhost/myLoc/more/paths?t=1390397. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost' is therefore not allowed access.
我的nginx.conf文件看起來像這樣
server {
server {
listen 80;
server_name _;
rewrite^https://$host$request_uri? permanent;
}
server {
gzip on;
ssl on;
listen 443 ssl;
server_name *.mydomain.com;
ssl_certificate /path/to/nginx/ssl/nginx.crt;
ssl_certificate_key /path/to/nginx/ssl/nginx.key;
location /myLoc {
proxy_pass http://localhost:9001/myLoc;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
請幫助。 Flask-SocketIO是否也必須包含證書和密鑰的路徑?
您正在加載第三方內容,如jQuery? – dirn 2014-11-06 15:24:37
你如何引用你的內容?它看起來應該是相對的(沒有域名,例如'/ myLoc/more/paths?t = 1390397),你可能會在'http:// localhost/myLoc/more/paths?t = 1390397'顯式獲取資源')或協議相關(沒有方案,例如'// localhost/myLoc/more/paths?t = 1390397');理想情況下,應該使用'url_for'來代替硬編碼。您也可能需要在您的位置塊中設置「X-Forwaded-Proto」標頭併爲[此答案]添加「ProxyFix」中間件(https://stackoverflow.com/questions/23347387/x-forwarded-proto-和瓶)。 – jonafato 2014-11-06 18:02:40
@dim:是的,我們正在使用JavaScript和jQuery – 2014-11-11 05:48:57