{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Root(大扎) 的问题《Deezer content is served over HTTP》','https://www.manongdao.com/q-225932.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using Deezer Javascript SDK and loaded it over https.
<script src="https://cdns-files.deezer.com/js/min/dz.js"></script>
But from today Chrome and Firefox has problem, because Deezer SDK loading some script over https and Chrome rejected as insecure content.
Chrome console:
Mixed Content: The page at 'https://....' was loaded over HTTPS, but requested an insecure script 'http://www.deezer.com/js_trad-v00340851.php?l=cs'. This request has been blocked; the content must be served over HTTPS. playerBB.php:1 Mixed Content: The page at 'https://....' was loaded over HTTPS, but requested an insecure script 'http://cdn-files.deezer.com/js/min/core-v00340851.js'. This request has been blocked; the content must be served over HTTPS. playerBB.php:1 Mixed Content: The page at '...' was loaded over HTTPS, but requested an insecure script 'http://cdn-files.deezer.com/js/min/live-v00340851.js'. This request has been blocked; the content must be served over HTTPS.
when i set the url :
<a href="http://127.0.0.1:8080/download/1.txt"></a>from a https request, it report error : Mixed Content: The page at'https://127.0.0.1/index.html'was loaded over HTTPS, but requested an insecure resource'http://127.0.0.1:8080/download/1.txt'. This request has been blocked; the content must be served over HTTPS. Failed to load resource: net::ERR_CACHE_MISSwhen i added the
target="_blank"to the url:<a target="_blank" href="http://127.0.0.1:8080/download/1.txt">, it works! , it works! it's well known thattarget="_blank"means opening the linked document in a new window or tab or a new request!This happens when your page and remote resource are using different
HTTPprotocols: one usesHTTPand another usesHTTPS.The preferred way to include third-party scripts is this one:
Removing
https:orhttp:tells browser to load the document using same protocol as current page. This should eliminate security warnings.