我有一个C# MVC应用程序,它在特定视图中使用recaptcha安全代码。在我看来,我有以下代码:
<script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
...
@Html.Raw(Html.GenerateCaptcha("captcha", "white"))
@Html.ValidationMessage("captcha")
当我尝试加载页面时,我在 chrome 的调试器中收到以下错误:
Mixed Content: The page at 'https://mywebsite.com' was loaded over HTTPS, but requested an insecure resource 'http://www.google.com/recaptcha/api/challenge?k=mykey'. This request has been blocked; the content must be served over HTTPS.
如果我检查加载页面的来源,reCAPTCHA 的 Razor 控件会生成以下脚本标签:
<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=mykey">
SRC 属性是 HTTP URL,而不是 HTTPS URL。
如果有人知道我如何克服这个错误,将不胜感激。谢谢卡普塔尼奥斯
好的,
我再次发布我自己问题的答案。
事实证明,这:
@Html.Raw(Html.GenerateCaptcha("captcha", "white"))
@Html.ValidationMessage("captcha")
正在渲染这个:
<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=mykey"></script>
脚本标记的 src 属性包含 http 而不是 https因此,为了解决此问题,我只是将@html.raw和@html.valid替换为以下内容:
<script type="text/javascript" src="https://www.google.com/recaptcha/api/challenge?k=mekey"></script>
<noscript>
<iframe src="https://www.google.com/recaptcha/api/noscript?k=mykey" height="300" width="500" frameborder="0"></iframe><br>
<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea><input name="recaptcha_response_field" value="manual_challenge" type="hidden" />
</noscript>
这样做会阻止 chrome 调试器收到错误。