问题:
Mixed Content: The page at 'https://api.xxxx.com/test' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://api.xxxx.com/test'. This request has been blocked; the content must be served over HTTPS.
添加这个:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
参考:
http://thehackernews.com/2015/04/disable-mixed-content-warning.html