您只想查看网页内容吗... - https
在实现hhtps时,有没有办法不显示消息“您只想查看安全传送的网页内容吗?”并强制回答“否”,因为它会弄乱我的 css 和 javascript 。
谢谢
while implementing hhtps, is there a way not to show the message "Do you want to view only the webpage content that was delivered securely?" and force the answer to "no" as it will mess up with my css and javascript .
thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可能需要提供所有页面元素,包括来自 SSL 服务器的 css 和 javascript。
另请参阅处理 HTTPS 页面中的 HTTP 内容
you may need to serve all the page elements, including the css and javascript from the SSL server.
Also see Dealing with HTTP content in HTTPS pages
这是由浏览器进程实现的,而不是传输机制。有很多自定义实现不会显示该警告,但最常用的浏览器会显示该警告,因为它代表 SSL 过程中的潜在安全漏洞。
本质上,它是浏览器警告您它只从 SSL 连接获取部分内容,最终用户无法直接辨别哪些页面元素来自受信任(即 SSL 连接)主机,哪些来自不受信任的主机主机。
如果您想避免这种情况,请考虑将 CSS/javascript 直接放置在页面中,或者将 SSL 限制为仅用于不包含这些资源的特定页面。
That is implemented by the browser process, not the transport mechanism. There are plenty of custom implementations that would not show that warning, but most commonly available browsers will as it represents a potential security hole in the SSL process.
Essentially its the browser warning you that it only got part of the content from an SSL connection, and there is no way for you the end user to directly tell which page elements are from the trusted (i.e. SSL connected) host and which are from untrusted hosts.
If you want to avoid this, either consider placing your CSS/javascript in the pages directly, or limit your SSL to only specific pages which do not include those resources.
请按照以下步骤将其关闭,但为了确保安全,您必须权衡风险。
Fissh
Follow these steps to turn this off, but as everything you with security you must weight the risks.
Fissh