点击我的GIT

https跨域到http问题解决

整体结构

用户--https-->Nginx--http-->Tomcat

页面中包含了iframe,iframe的src也是Https的,但是当frame里面的内容表单提交后tomcat服务器处理成功想要重定向却无法正常重定向,Chrome报错如下

Mixed Content: The page at 'https://...../#' was loaded over HTTPS, but requested an insecure form action 'http://.../**/**'. This request has been blocked; the content must be served over HTTPS.

proxy.conf

proxy_redirect          off;
proxy_set_header        Host $host;
proxy_set_header        X-Real-IP $remote_addr;  #获取真实ip
client_max_body_size    10m;
client_body_buffer_size 128k;
proxy_connect_timeout   90;
proxy_send_timeout      90;
proxy_read_timeout      90;
proxy_buffer_size       4k;
proxy_buffers           4 32k;
proxy_busy_buffers_size 64k;

proxy_temp_file_write_size 64k;

defalut

server {
listen 80 default_server;

server_name localhost;

return 301 https://$server_name:6663$request_uri;
}

server {
listen 6663;

server_name localhost;

ssl     on;
ssl_certificate      /home/dream/Https/ssl/server/server.crt;
ssl_certificate_key  /home/dream/Https/ssl/server/server.pem;
ssl_client_certificate /home/dream/Https/ssl/server/root.crt;
 
ssl_session_timeout  5m;
ssl_verify_client on;  #开户客户端证书验证

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;

location / {
proxy_pass http://127.0.0.1:8080/;
}
}

解决方式在nginx配置文件添加:

proxy_pass http://127.0.0.1:8080/;
proxy_redirect ~^http://([^:]+)(:\d+)?(.*)$  https://$1$3;
posted @ 2017-11-16 17:57  _1900  阅读(...)  评论(...编辑  收藏