重写规则导致“部分加密连接”在 Firefox 和铬合金
该问题基于问题 htaccess 重写规则:根据键入的 URL 将 http 重定向到 https 或将 https 重定向到 http(两种方式)。伟大的解决方案(感谢 Ulrich Palha)如下所示:
RewriteEngine on
RewriteBase /
#determine if page is supposed to be http
#if it has p=home or p=home1 or qqq=home in querystring
RewriteCond %{QUERY_STRING} (^|&)(p=home1?|qqq=home)(&|$) [NC,OR]
#or if query string is empty
RewriteCond %{QUERY_STRING} ^$
#set env var to 1
RewriteRule ^ - [E=IS_HTTP:1]
#all pages that are supposed to be http redirected if https
RewriteCond %{HTTPS} on
RewriteCond %{ENV:IS_HTTP} 1
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R,L=301]
#all other pages are sent to https if not already so
RewriteCond %{HTTPS} off
RewriteCond %{ENV:IS_HTTP} !1
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L=301]
不幸的是,一旦我将此代码添加到 .htaccess 文件中,一切正常,但 https 开始看起来损坏,如果包含来自服务器的 css 或图片链接,尽管路径是相对的。
下面的页面 (https://www.example.com/?p=welcome)显示 SSL 连接断开时,FF 浏览器显示“您与此站点的连接仅部分加密”,
<head>
<title>ddd</title>
</head>
<body>
Hello
<img src="/gfx/stars/help.gif" alt="" />
</body>
</html>
为什么?
一旦我从页面中删除 
那么,
<link rel="stylesheet" type="text/css" href="/css/mycss.css" />
The question is based on the question htaccess rewriterule: redirect http to https or https to http (both ways) depending on URL typed. The great solution (thanks to Ulrich Palha) looks like this:
RewriteEngine on
RewriteBase /
#determine if page is supposed to be http
#if it has p=home or p=home1 or qqq=home in querystring
RewriteCond %{QUERY_STRING} (^|&)(p=home1?|qqq=home)(&|$) [NC,OR]
#or if query string is empty
RewriteCond %{QUERY_STRING} ^$
#set env var to 1
RewriteRule ^ - [E=IS_HTTP:1]
#all pages that are supposed to be http redirected if https
RewriteCond %{HTTPS} on
RewriteCond %{ENV:IS_HTTP} 1
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R,L=301]
#all other pages are sent to https if not already so
RewriteCond %{HTTPS} off
RewriteCond %{ENV:IS_HTTP} !1
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L=301]
Unfortunately, once I add this code to .htaccess file, everything works fine, but https started look broken, if contains links to css or pictures from the server, although the paths are relative.
The page below (https://www.example.com/?p=welcome) displayed with a broken SSL connection, FF browser says "Your connection to this site is only partrially encrypted"
<head>
<title>ddd</title>
</head>
<body>
Hello
<img src="/gfx/stars/help.gif" alt="" />
</body>
</html>
Why?
Once I remove <img src="/gfx/stars/help.gif" alt="" /> from the page , FF displays https fine, the URL bar is green then (SSL certificate is displayed). The same error appears, when I test it using Google Chrome.
So, what's wrong with <img src="/gfx/stars/help.gif" alt="" />? The path is relative.
The same happens if I add
<link rel="stylesheet" type="text/css" href="/css/mycss.css" />
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
页面加载后,浏览器开始通过 https 请求图像等。根据我对您的重写规则的阅读,因为图像的路径没有将查询字符串
IS_HTTP设置为 1。这会导致您的重写规则重定向到图像 URL 的 http 版本,这就是浏览器抱怨的原因Once the page has loaded and the browser starts requesting images and so on, over https. By my reading of your rewrite rules, because the path to the image has no query string
IS_HTTPis set to 1. This then causes your rewrite rules to do a redirect to the http version of the image URL which is why the browser complains解决此问题的一种方法是避免处理资源(因为无论如何您都没有针对它们的任何特殊规则),如下所示
One way to fix this is to avoid processing resources (since you don't have any special rules for them anyway) as follows