Is there no other way to call in external unprotected content (such as CSS files and js files) from an SSL-enabled page than to save the unprotected content as an internal file and read it?
ssl
First of all, there is no technical reason why HTTP resources cannot be read from sites accessed by HTTPS.
However, users expect that "all communications will be done via HTTPS on HTTPS sites," so the browser displays or blocks warnings because of unsafe communications.
Therefore, the point is to load all resources in HTTPS.
Specifically, you can either have HTTPS access to that external resource, or you can move it to a location that HTTPS can access, such as the same location as HTML.
Files on the same domain can be loaded with the same https(ssl) protocol.
if you're going to embed http (non-ssl) resources from servers in another domain.
You will receive a browser warning, but if you allow it, you can view the image and CSS only.
Different domains impose security restrictions on JS.
There are several ways to avoid it.
·Copy resource files to the same server
·
on the server where you want to install the storage of the server that has the resources.
Mount and configure the area.(If you can see the actual file internally in the same server, you can just set the area.)
·Set a reverse proxy to the target resource file on the server.
*Depending on the partner, there may be a hole in the security, so it is essential that the partner can be trusted.
© 2024 OneMinuteCode. All rights reserved.