… this content should also be loaded over HTTPS

问题:

Good day.

Site https://mult-privet.com/

In my Chrome console, I see this error:

[blocked] The page at 'https://yandex.st/share/ya-share-cnt.html?url= https%3A%2F%2Fmult-privet.com%2F&services=yaru, vkontakte,facebook,twitter,odnoklassniki,moimir'  was loaded over HTTPS, but ran insecure content  from 'http://connect.odnoklassniki.ru/dk?st.cmd=extOneClickLike&uid=odklocs0& ref=https%3A%2F%2Fmult-privet.com%2F':  this content should also be loaded over HTTPS. 

Why should this URI also be loaded over HTTPS ?

Why am I getting this error, and how do I remove it?

回答1:

On the right side of the Chrome address bar, click on the shield icon, then click "Load unsafe script". Done!

回答2:

Why this content should also be loaded over HTTPS ?

Because:

• if you have unsecured content being injected into an otherwise secure page, the unsecured content can be intercepted, replaced and thus render the secure content insecure
• the browser can't honestly continue to tell the user that the page is secure when parts of it are not

Tell me please why i get this error

You are loading HTTP without SSL content into an HTTP with SSL page.

and how remove this?

Use HTTPS for everything on the page.

回答3:

Why you are getting this error

Quentin's answer explains this pretty well. I would clarify that you are getting a mixed content error.

How to fix this error

Although Quentin's answer offers the most ideal fix, it is sometimes more convenient to solve mixed content errors using a protocol-relative URL, where the http[s]?: prefix is removed from the URL. For example, change this:

http://connect.odnoklassniki.ru/dk?st.cmd=extOneClickLike&uid=odklocs0& ref=https%3A%2F%2Fmult-privet.com%2F 

to this:

//connect.odnoklassniki.ru/dk?st.cmd=extOneClickLike&uid=odklocs0& ref=https%3A%2F%2Fmult-privet.com%2F 

by removing the http: prefix. It will let the browser determine the protocol. When using the protocol relative URL in the above example, if you are on an SSL encrypted page the browser will access the https://connect.odnoklassniki... URL, and on a non-SSL page, it will access the http://connect.odnoklassniki... URL, assuming that both protocols work for the URL.

There are, however, some pitfalls in using protocol-relative URLs, like ensuring that the server behind the URL is capable of serving both http and https protocols. This SO post addresses more reasons to use protocol-relative URLs.

文章来源: … this content should also be loaded over HTTPS