[英]How to load the content from HTTP server inside the parent with HTTPS connection
I need to load HTTP content inside HTTPS connection. 我需要在HTTPS连接中加载HTTP内容。 When I do so, I don't get the content and in the browser consol I get the following error :
这样做时,我没有得到内容,并且在浏览器控制台中出现了以下错误:
The page at 'https://xxx.xxx.xxx.xxx/App/xyz.action' was loaded over HTTPS, but displayed insecure content from 'http://xxx.xxx.xxx.xxx/views/xyz/abc': this content should also be loaded over HTTPS.
Here, the content over HTTP comes from another server. 在这里,HTTP上的内容来自另一台服务器。 Hence, I cannot use the relative url also.
因此,我也无法使用相对网址。
My HTML code where I need to load HTTP content looks something like this : 我需要加载HTTP内容的HTML代码如下所示:
<div class='c1' style='width: 1353px; height: 576px;'>
<object class='c2' width='1353' height='576' style='display:none;'>
<param name='host_url' value='http://xxx.xxx.xxx.xxx/views/xyz/abc' />
<param name='site_root' value='' />
<param name='name' value='mno;pqr' />
<param name='tabs' value='no' /><param name='toolbar' value='yes' />
</object>
</div>
I tried looking into solutions but could not find the solution which meet my requirement. 我尝试研究解决方案,但找不到符合我要求的解决方案。
Please help me. 请帮我。
Thanks :) 谢谢 :)
Not sure if it solves your problem but you have a style='display:none;'
不确定是否可以解决您的问题,但是您有一个
style='display:none;'
on the object you are trying to load. 在您要加载的对象上。
Unless you own both/all servers, you can't assume that just because the page that contains the link was retrieved via HTTPS, that the nested link is available via HTTPS. 除非同时拥有两个/所有服务器,否则不能仅因为包含链接的页面是通过HTTPS检索的,就不能假定嵌套链接可以通过HTTPS获得。 The server may not be serving on the HTTPS port.
服务器可能不在HTTPS端口上服务。
So, assuming the target server isn't yours, and they aren't serving https, then some options are: 因此,假设目标服务器不是您的服务器,并且它们不提供https,那么一些选项是:
Proxy the download through your own HTTPS server, or another that supports it, using Apache's proxy module, for example. 例如,使用Apache的代理模块通过您自己的HTTPS服务器或支持该服务器的HTTPS服务器代理下载内容。 This allows you to comply with licensing, while still referencing the object through your secure server, and possibly even aliasing the URL to something simpler.
这使您可以遵守许可,同时仍可以通过安全服务器引用对象,甚至可以将URL别名为更简单的名称。 http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
Reverse Proxy 反向代理
ProxyPass /foo http://foo.remote.com/bar ProxyPassReverse /foo http://foo.remote.com/bar
Create a proxy function with code, in your action/controller/servlet, and replace calls that directly reference the remote server with an HTTPS call to your own. 在您的action / controller / servlet中,使用代码创建代理功能,并使用对自己的HTTPS调用替换直接引用远程服务器的调用。 Like https://myserver.com/remoteObjectHandler.aspx and your code will need to transparently connect via HTTPS, then stream the request content from the original server to your client connection.
像https://myserver.com/remoteObjectHandler.aspx一样,您的代码将需要通过HTTPS透明连接,然后将请求内容从原始服务器流式传输到您的客户端连接。
So, the answer is simple. 因此,答案很简单。 Just allow your browser to load unsafe script.
只允许您的浏览器加载不安全的脚本。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.