问题描述

从HTTPS访问HTTP，违法了Chrome的安全规则

mixed content the page at was loaded over https

but requested an insecure XMLHttpRequest endpoint

This request has been blocked; the content must be served over HTTPS.

解决方案

1.修改meta允许这么访问

<meta http-equiv="Content-Security-Policy" 

content="upgrade-insecure-requests">

2.把http的连接全部改成https