[英]Convert ASP.NET MVC web application from http to https
I have ASP.NET MVC web application in http I want to convert it to https. 我在http中有ASP.NET MVC Web应用程序,我想将其转换为https。 I have change in code from http to https but after deployed on internet I had some javascript library errors , example : 我的代码已从http更改为https,但是在Internet上部署后,我遇到了一些javascript库错误,例如:
Mixed Content: The page at 'https://MySite/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-2.1.3.min.js'. This request has been blocked; the content must be served over HTTPS.
What is solution? 什么是解决方案?
When HTTPS
is enabled, all your assets have to be requested over HTTPS
as well, otherwise you get mixed-content warnings as both secured and unsecured elements are being served up on a page that should be completely encrypted. 启用HTTPS
,还必须通过HTTPS
请求所有资产,否则将收到混合内容警告,因为安全和不安全元素都将在应完全加密的页面上提供。 Switch to HTTPS
: 切换到HTTPS
:
<script src="https://code.jquery.com/jquery-2.1.3.min.js"></script>
You can also use protocol-relative URLs, ie instead of: 您还可以使用协议相对URL,即代替:
<!-- this.. -->
<script src="http://code.jquery.com/jquery-2.1.3.min.js"></script>
<!-- ..or this -->
<script src="https://code.jquery.com/jquery-2.1.3.min.js"></script>
You can instead use: 您可以改为使用:
<script src="//code.jquery.com/jquery-2.1.3.min.js"></script>
Using the protocol-relative syntax, the resource will load in HTTP
when requested from a non-secure page, and HTTPS
when requested from a secure one. 使用相对协议的语法,当从非安全页面请求时,资源将以HTTP
加载,而从安全页面请求时将以HTTPS
加载。
The downfall to this is that using protocol-relative schemes on non-secure pages will retrieve cross-origin assets in a non-secure fashion. 这样做的缺点是,在非安全页面上使用协议相对方案将以非安全方式检索跨域资产。 This means that you could be missing out on benefits that HTTPS
provides when requesting (for example) resources from a CDN, such as receiving the assets over HTTP/2
*. 这意味着您可能会错过HTTPS
从CDN请求(例如)通过HTTP/2
*接收资产时提供的好处。 As you're going full HTTPS
this is not an actual concern, so use it at your own discretion. 当您要使用完整的HTTPS
这不是实际的问题,因此请自行决定使用它。
* HTTP/2
does not require the use of encryption (eg TLS), but some implementations have stated that they will only support HTTP/2
when it is used over an encrypted connection, and currently no browser supports HTTP/2
unencrypted. * HTTP/2
不需要使用加密(例如TLS),但是一些实现已声明,仅当通过加密连接使用HTTP/2
时,它们才支持HTTP/2
,并且当前没有浏览器支持未加密的HTTP/2
。 ( HTTP/2 FAQ ) ( HTTP / 2常见问题解答 )
When you have an https
site you should load all your JavaScript content (if they're external links) through https
当您拥有https
网站时,您应该通过https
加载所有JavaScript内容(如果它们是外部链接)
reference: 参考:
https://code.jquery.com/jquery-2.1.3.min.js
instead of: 代替:
http://code.jquery.com/jquery-2.1.3.min.js
The answer is as simple as that! 答案就这么简单!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.