3

我的应用程序使用 Flask-Socketio、Flask 和 nginx。我在一篇文章中读到,所有 HTTP 到 HTTPS 的处理都必须在 Web 服务器级别而不是在应用程序服务器级别完成。我使用该rewrite属性将所有 HTTP 请求重定向为 HTTPS 请求。这适用于静态页面。但是,当我尝试加载动态内容时,我收到一条错误消息,指出The page at 'https://localhost/myLoc' was loaded over HTTPS, but displayed insecure content from 'http://localhost/myLoc/more/paths?t=1390397': this content should also be loaded over HTTPS..

此外,我也收到此错误XMLHttpRequest cannot load http://localhost/myLoc/more/paths?t=1390397. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost' is therefore not allowed access.

我的 nginx.conf 文件看起来像这样

server {
    server {
    listen       80;
    server_name  _;
   rewrite ^ https://$host$request_uri? permanent;
}

server {
    gzip  on;
    ssl     on;
    listen 443 ssl;

    server_name     *.mydomain.com;

    ssl_certificate /path/to/nginx/ssl/nginx.crt;
    ssl_certificate_key /path/to/nginx/ssl/nginx.key;

    location /myLoc {
            proxy_pass http://localhost:9001/myLoc;
            proxy_redirect off;
            proxy_buffering off;

            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

请帮忙。Flask-SocketIO 是否还必须包含证书和密钥的路径?

4

1 回答 1

0

尝试这个:

location /myLoc {
        proxy_pass https://localhost:9001/myLoc;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        add_header Access-Control-Allow-Origin *;
}

但是 HTTPS 卸载是首选方式,proxy_pass http://指令更好,它有助于 Nginx 尽快从后端获得响应并关闭连接。唯一的要求是让后端(监听端口 9901)服务 HTTP。

于 2014-11-09T19:26:27.997 回答