科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - link requested an insecure XMLHttpRequest endpoint - Stack Overflow

    javascript - link requested an insecure XMLHttpRequest endpoint - Stack Overflow

    programmeradmin1浏览0评论

    I am pretty new to SSL / https but finally managed to create one for my website

    Now the problem is this strange error:

    app.7e27c5b6c47cfaa5a0da.js:70 error occured for getting the country from: / {data: null, status: -1, config: {…}, statusText: "", headers: ƒ}
app.7e27c5b6c47cfaa5a0da.js:70 Mixed Content: The page at '/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint '/'. This request has been blocked; the content must be served over HTTPS.

    And its spitting out the error so fast that the browser almost dies.

    What does this mean? and what can I do about fixing it?

    I am pretty new to SSL / https but finally managed to create one for my website

    https://thaihome.co.uk

    Now the problem is this strange error:

    app.7e27c5b6c47cfaa5a0da.js:70 error occured for getting the country from: http://freegeoip/json/ {data: null, status: -1, config: {…}, statusText: "", headers: ƒ}
app.7e27c5b6c47cfaa5a0da.js:70 Mixed Content: The page at 'https://thaihome.co.uk/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://freegeoip/json/'. This request has been blocked; the content must be served over HTTPS.

    And its spitting out the error so fast that the browser almost dies.

    What does this mean? and what can I do about fixing it?

    • javascript
    • https
    Share Improve this question asked Aug 24, 2017 at 7:54 torbenrudgaardtorbenrudgaard 2,5719 gold badges35 silver badges59 bronze badges
    Add a ment  | 

    2 Answers 2

    Reset to default 5

    The error message explains it pretty clearly and tells you exactly what you need to do to fix it.

    Mixed Content

    You are mixing content (from HTTPS and HTTP).

    The page at 'https://thaihome.co.uk/'

    This is your page.

    was loaded over HTTPS

    You said you set it up for HTTPS. It is HTTPS now.

    but requested an insecure XMLHttpRequest endpoint 'http://freegeoip/json/'.

    And you have some JavaScript which is making an HTTP request using the XMLHttpRequest object.

    The URL you are requesting is http://freegeoip/json/ which isn't secure. i.e. it uses HTTP not HTTPS. You can tell because it starts http:.

    This request has been blocked;

    Because it is insecure, it has been blocked. Otherwise it would inject insecure content into an otherwise secure page. The page wouldn't be secure any more.

    the content must be served over HTTPS.

    You need to load it over HTTPS so it is secure before you can load it from your HTTPS page.

    It means you need to make the API request to https://freegeoip/json instead of http://freegeoip/json

    Edit: When you enable SSL on your website, all assets and requests must be made to secure endpoints. Meaning even if you have an image tag that has an unsecured image link going to http like this: <img src="http://unsecure./img.jpeg" /> your browser will not give you the green lock secure symbol. Everything needs to be done over https.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论
    ok 不同模板 switch ($forum['model']) { /*case '0': include _include(APP_PATH . 'view/htm/read.htm'); break;*/ default: include _include(theme_load('read', $fid)); break; } } break; case '10': // 主题外链 / thread external link http_location(htmlspecialchars_decode(trim($thread['description']))); break; case '11': // 单页 / single page $attachlist = array(); $imagelist = array(); $thread['filelist'] = array(); $threadlist = NULL; $thread['files'] > 0 and list($attachlist, $imagelist, $thread['filelist']) = well_attach_find_by_tid($tid); $data = data_read_cache($tid); empty($data) and message(-1, lang('data_malformation')); $tidlist = $forum['threads'] ? page_find_by_fid($fid, $page, $pagesize) : NULL; if ($tidlist) { $tidarr = arrlist_values($tidlist, 'tid'); $threadlist = well_thread_find($tidarr, $pagesize); // 按之前tidlist排序 $threadlist = array2_sort_key($threadlist, $tidlist, 'tid'); } $allowpost = forum_access_user($fid, $gid, 'allowpost'); $allowupdate = forum_access_mod($fid, $gid, 'allowupdate'); $allowdelete = forum_access_mod($fid, $gid, 'allowdelete'); $access = array('allowpost' => $allowpost, 'allowupdate' => $allowupdate, 'allowdelete' => $allowdelete); $header['title'] = $thread['subject']; $header['mobile_link'] = $thread['url']; $header['keywords'] = $thread['keyword'] ? $thread['keyword'] : $thread['subject']; $header['description'] = $thread['description'] ? $thread['description'] : $thread['brief']; $_SESSION['fid'] = $fid; if ($ajax) { empty($conf['api_on']) and message(0, lang('closed')); $apilist['header'] = $header; $apilist['extra'] = $extra; $apilist['access'] = $access; $apilist['thread'] = well_thread_safe_info($thread); $apilist['thread_data'] = $data; $apilist['forum'] = $forum; $apilist['imagelist'] = $imagelist; $apilist['filelist'] = $thread['filelist']; $apilist['threadlist'] = $threadlist; message(0, $apilist); } else { include _include(theme_load('single_page', $fid)); } break; default: message(-1, lang('data_malformation')); break; } ?>