最近把博客的登陆改成 iframe 弹出层的方式后,qq快捷登陆授权后iframe内页面空白;
打开浏览器的控制台发现有报错信息:
Mixed Content: The page at 'https://www.timeblog.cn/article/115.html' was loaded over HTTPS, but requested an insecure form action 'http://www.timeblog.cn/xxxxback/qq? code=30CC6A3E3E771D749B904DFE3&state=1548887715'. This request has been blocked; the content must be served over HTTPS.
站点是https的,http请求被浏览器阻止了;
原因是PHP的超全局变量 $_SERVER['SERVER_PROTOCOL'] 在nginx 并不能识别HTTPS;
原来的生成方案:
if(!IS_CLI){ $SITE_PATH = (strpos($_SERVER['SERVER_PROTOCOL'],'HTTPS')!==false)?'https://'.$_SERVER['HTTP_HOST']:'http://'.$_SERVER['HTTP_HOST']; }else{ $SITE_PATH = ''; }
修改成如下:
if(!IS_CLI){ if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'){ $SITE_PATH = 'https://'.$_SERVER['HTTP_HOST']; }else{ $SITE_PATH = (strpos($_SERVER['SERVER_PROTOCOL'],'HTTPS') !== false) ?'https://'.$_SERVER['HTTP_HOST']:'http://'.$_SERVER['HTTP_HOST']; } }else{ $SITE_PATH = ''; }
问题解决;
转载请注明本文标题和链接:《 兼容nginx apache的获取当前站点url的方案(带http/s) 》
网友评论 0