[英]Assets default to HTTPS on localhost
When I load my web app via localhost (which is not served via HTTPS), I find that the CSS and JavaScript assets fail to load, because the browser tries to access them via https://localhost:3000/style.css
and https://localhost:3000/script.js
. When I load my web app via localhost (which is not served via HTTPS), I find that the CSS and JavaScript assets fail to load, because the browser tries to access them via
https://localhost:3000/style.css
and https://localhost:3000/script.js
。 The website itself ( index.html
) is served via HTTP.网站本身 (
index.html
) 通过 HTTP 提供服务。
In the document <head>
, both assets are included via their relative path, so the browser must be defaulting to HTTPS to retrieve all assets.在文档
<head>
中,两个资产都通过它们的相对路径包含,因此浏览器必须默认为 HTTPS 才能检索所有资产。
I already checked the HSTS setting on my server and made sure that it is turned off during development.我已经检查了我的服务器上的 HSTS 设置,并确保它在开发过程中被关闭。 I also cleared the HSTS cache in my browser, to no avail.
我还清除了浏览器中的 HSTS 缓存,但无济于事。
Any pointers to where I should look next would be greatly appreciated!任何指向我下一步应该看的地方的指针将不胜感激!
I finally figured it out — apparently, a recent update to Helmet impacted two settings:我终于弄明白了——显然,最近对Helmet的更新影响了两个设置:
When disabling both (in development), and after resetting the browser HSTS cache, everything worked as expected again.禁用两者(在开发中)并重置浏览器 HSTS 缓存后,一切都按预期工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.