我们系统在DMZ区的Nginx配置了https协议,从外网访问的时候,系统报错The request has been blocked;The content must be served over HTTPS。即https无法加载http资源,于是我在nginx.conf中加入:add_header Content-Security-Policy upgrade-insecure-requests;后,这个错误不报了,但是报:
以下为我的nginx配置,请大神们帮忙指导下,万分感谢!
upstream testupsceshi{
server 内网IP:端口号 weight=1;
}
server {
listen 443 ssl;
server_name testceshi.bocins.com;
ssl_certificate /home/apps/sslcert/bocinsserver.cer;
ssl_certificate_key /home/apps/sslcert/bocins.key;
#charset koi8-r;
access_log logs/test.host.access.log;
error_log logs/test.host.error.log;
location / {
proxy_pass http://testupsceshi;
proxy_redirect http://testupsceshi http://$host:$server_port;
add_header Content-Security-Policy upgrade-insecure-requests;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
error_page 404 404.html;
#error_page 497 https://$host:$server_port$uri?$args;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}