This request has been blocked; the content must be served over HTTPS问题处理

1.问题现象

Mixed Content: The page at 'https://www.ssjxx.cn/ssjy/viy-edu/index.html?systemCode=TW0010#/' was loaded over HTTPS, but requested an insecure frame 'http://www.ssjxx.cn:443/7.5.1-23/web-apps/apps/spreadsheeteditor/main/index.html?_dc=7.5.1-23&lang=zh&customer=ONLYOFFICE&frameEditorId=placeholder&parentOrigin=https://www.ssjxx.cn&fileType=xlsx'. This request has been blocked; the content must be served over HTTPS.

nginx This request has been blocked; the content must be served over HTTPS问题处理-LMLPHP

nginx This request has been blocked; the content must be served over HTTPS问题处理-LMLPHP

2.解决问题

location   /web-apps {
proxy_pass     http://192.168.82.130:9002/web-apps;

proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http; //改成: $scheme;
proxy_redirect off;


#HttpLimitZoneModule
limit_conn perip 10;
proxy_buffering on;
proxy_buffer_size 512k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 1m;
}

3.解决后的现象

nginx This request has been blocked; the content must be served over HTTPS问题处理-LMLPHP
nginx This request has been blocked; the content must be served over HTTPS问题处理-LMLPHP

4.proxy_set_header x-forwarded-proto 作用

proxy_set_header x-forwarded-proto是在Nginx作为代理服务器时经常使用的指令。它的作用是设置代理服务器发送给上游服务器的HTTP请求头中的"x-forwarded-proto"字段值,这个字段会告诉上游服务器请求的协议类型是什么,如HTTP还是HTTPS。这个字段对于上游服务器来说非常重要,因为它可能需要根据请求协议类型的不同来进行一些不同的处理,例如判断是否需要启用SSL加密。
例如,当客户端使用HTTPS协议访问Nginx代理服务器,但Nginx代理服务器转发给上游服务器的协议类型为HTTP时,上游服务器会认为这个请求是不安全的,因为它没有收到客户端与Nginx之间的SSL加密通信。这时,如果我们在Nginx的配置文件中添加如下指令:

proxy_set_header X-Forwarded-Proto https;

那么,Nginx就会在发送请求给上游服务器时,将"x-forwarded-proto"字段值设置为"https",这样上游服务器就可以正确地判断请求的协议类型是HTTPS,并做出相应的处理了。
需要注意的是,在设置"x-forwarded-proto"字段时,建议使用小写字母,因为有些服务器会将HTTP请求头字段名转换为小写字母。此外,还需要确保在Nginx配置文件中启用了proxy_set_header指令。

04-09 08:00