[英]Mixed content jQuery ajax HTTPS request has been blocked on Laravel
I think this question will be easy for someone and will be a face-palm situation for me.我认为这个问题对某人来说很容易,对我来说将是一个面对面的情况。
I have a Laravel 5.3 site, and various pages have ajax requests.我有一个 Laravel 5.3 站点,各种页面都有 ajax 请求。 Because I use the
csrf_field()
feature, they work fine.因为我使用
csrf_field()
功能,所以它们工作正常。
But there is one page where the ajax produces this error:但是有一页 ajax 产生了这个错误:
Mixed Content: The page at 'https://example.com/fb/reports' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://example.com/fb/json?levelType=&id=&aggLevel=ad&start=&end='. This request has been blocked; the content must be served over HTTPS.
My javascript looks like this:我的 javascript 看起来像这样:
var relUrl = '/fb/json/';
var payload = {
levelType: levelType,
id: id,
aggLevel: aggLevel,
start: start,
end: end
};
console.log(relUrl);
return $.ajax({
type: 'GET',
dataType: 'json',
data: payload,
url: relUrl,
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
I've read tons of articles about this error.我已经阅读了大量有关此错误的文章。 I've tried tons of suggested solutions, including changing the relative URL to the full https URL, or starting it with 2 slashes.
我已经尝试了大量建议的解决方案,包括将相对 URL 更改为完整的 https URL,或者以 2 个斜杠开头。
I've even tried changing the way my Laravel routes work and am now using just querystring parameters.我什至尝试改变我的 Laravel 路由的工作方式,现在我只使用查询字符串参数。
I've studied all of the articles below (and more).我已经研究了以下所有文章(以及更多文章)。
Also, since this one ajax query is in a password-protect part of the site (and the ajax queries that work are in a public/open part of the site), I figured maybe that was related to the problem.此外,由于这一个AJAX查询是站点(和AJAX的查询工作都在网站的公共/开放的部分)的密码保护部分,我也许想通这是相关的问题。 But then I used
SSH
to log into the production server and vim
to temporarily remove the line that required any authentication, and the https error still happens.但后来我用
SSH
登录到生产服务器和vim
暂时移除所需的任何认证就行了,https的错误仍然会发生。
What steps can I take to debug further from here?我可以采取哪些步骤来进一步调试? What logs can I 'tail' on my Cloudways server?
我可以在 Cloudways 服务器上“拖尾”哪些日志?
Is there anything that Cloudflare might be interfering with (which I doubt, since other ajax queries work, all on https)? Cloudflare 是否有任何可能会干扰的内容(我对此表示怀疑,因为其他 ajax 查询都在 https 上工作)?
Thanks!谢谢!
Summary: I needed to replace var relUrl = '/fb/json/';
总结:我需要替换
var relUrl = '/fb/json/';
with var relUrl = '/fb/json';
使用
var relUrl = '/fb/json';
(remove the trailing slash) because that's what my Laravel web.php
routes file expected. (删除尾部斜杠)因为这是我的 Laravel
web.php
路由文件所期望的。
In Chrome console, I noticed that the https
XHR request was being "canceled" and replaced with an http
request.在 Chrome 控制台中,我注意到
https
XHR 请求被“取消”并替换为http
请求。
So then I used ssh
to log into the remote production server and vim
to temporarily disable the requirement of authentication.于是我用
ssh
登录远程生产服务器,用vim
暂时禁用认证要求。
Then in the Chrome console, I defined and ran a new ajax command using an absolute https URL with querystring params on the end.然后在 Chrome 控制台中,我使用绝对 https URL 定义并运行了一个新的 ajax 命令,最后是查询字符串参数。 That worked (no mixed content error).
那行得通(没有混合内容错误)。 Then I tried a relative URL like that, and it worked too.
然后我尝试了一个这样的相对 URL,它也有效。
Even a relative URL with no payload or querystring params or trailing slash worked.即使是没有有效负载或查询字符串参数或尾部斜杠的相对 URL 也能工作。
Then I added the trailing slash again, and it didn't work.然后我再次添加了尾部斜杠,但它不起作用。
I still wish there had been an easier way to trace or debug the redirect paths or whatever was happening.我仍然希望有一种更简单的方法来跟踪或调试重定向路径或发生的任何事情。 I still feel like I stumbled onto the answer clumsily (after many hours) instead of knowing how to dissect this problem reliably.
我仍然觉得我笨拙地(几个小时后)偶然发现了答案,而不是知道如何可靠地剖析这个问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.