Nginx 全站https 反向代理 Tomcat 遇到静态文件.js,.css文件仍走http,出现block-all-mixed-content错误时,可使用CSP指令将http资源转换为https
关键配置为:
add_header Content-Security-Policy upgrade-insecure-requests;完整配置:
server {
listen 443;
server_name demo.thatscode.com;
....
省略ssl 相关配置
....
location / {
....
省略其他proxy参数
....
proxy_pass http://pool_demo;
add_header Content-Security-Policy upgrade-insecure-requests;
}
access_log /www/logs/demo.thatscode.com.log;
error_log /www/logs/demo.thatscode.com.error;
}
Comments | NOTHING