如何在Chrome中查看带有不安全请求的Web应用程序?
[英]How can I view a web application with insecure and secure requests in Chrome?
问题描述
When testing an application locally I am building, it is convenient for me to allow the application to make requests over http and https. 
当我在本地构建应用程序时,允许应用程序通过http和https发出请求对我来说很方便。 But, Chrome is not happy with this and will not allow the insecure requests to complete. 但是,Chrome对此不满意,并且将不允许不安全的请求完成。 How do I convince Chrome to allow this mix of insecure and secure XHR requests in the application I am testing? 如何说服Chrome浏览器在我正在测试的应用程序中混合使用不安全和安全的XHR请求?
1 个解决方案
解决方案1
3 2016-03-03 18:41:56
Problem: Google, by default, will complain if you try to run a web application with both secure and insecure requests. 问题:默认情况下,如果您尝试同时运行带有安全请求和不安全请求的Web应用程序,则Google会提出投诉。
Solution: Start an instance of Chrome or Chromium with an option to allow the mix of secure and insecure requests. 解决方案:启动Chrome或Chromium实例,并带有允许混合使用安全请求和不安全请求的选项。
- Open Terminal (OS X) or the Command Prompt (MS) 打开终端(OS X)或命令提示符(MS)
- Fire off the following command to open an "indifferent" instance of Chrome: 触发以下命令以打开Chrome的“无关紧要”实例:
OS X: /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --allow-running-insecure-content OS X: /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --allow-running-insecure-content
MS: start Chrome --allow-running-insecure-content MS: start Chrome --allow-running-insecure-content
Now, if you already have Chrome open, then this will open a tab in the existing instance of the Chrome app. 现在,如果您已经打开Chrome,那么这将在Chrome应用的现有实例中打开一个标签。 You will then have an insecure tab floating around with your other tabs. 然后,您将有一个不安全的选项卡与其他选项卡一起漂浮。 You might forget that tab is insecure or this may at some point lead to a security breach. 您可能会忘记该选项卡不安全,否则可能会导致安全漏洞。 So, you could open a new instance of chrome by adding an option to the command to use a new temporary directory for your user information like so: 因此,您可以通过在命令中添加一个选项以使用新的临时目录存储您的用户信息来打开chrome的新实例,如下所示:
OS X: /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --user-data-dir=/tmp/tempchrome --allow-running-insecure-content OS X: /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --user-data-dir=/tmp/tempchrome --allow-running-insecure-content
MS: start Chrome --user-data-dir=/tmp/tempchrome --allow-running-insecure-content MS: start Chrome --user-data-dir=/tmp/tempchrome --allow-running-insecure-content
Some Convenience Additions: Issuing this whole command every time you want to run something with a mix of secure and insecure content can get pretty tedious. 一些便利性:每次您要运行包含安全内容和不安全内容的内容时,发出整个命令可能会变得非常乏味。 I added this alias to my ~/.bash_profile to make opening Chrome in this mixed mode more convenient: 我将此别名添加到〜/ .bash_profile中,以使在此混合模式下打开Chrome更加方便:
OS X: alias chrome-insecure="/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --user-data-dir=/tmp/tempchrome --allow-running-insecure-content" OS X: alias chrome-insecure="/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --user-data-dir=/tmp/tempchrome --allow-running-insecure-content"
MS: a little help here? MS: a little help here?
I also have an app I repeatedly test locally so I added the domain to open by default when my indifferent Chrome instance opened up like so: 我也有一个应用程序,我在本地反复测试过,因此当我的无关紧要的Chrome实例打开时,默认情况下我会打开该域,如下所示:
OS X: alias chrome-insecure="/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome localhost --user-data-dir=/tmp/tempchrome --allow-running-insecure-content" OS X: alias chrome-insecure="/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome localhost --user-data-dir=/tmp/tempchrome --allow-running-insecure-content"
MS: a little help here? MS: a little help here?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.