V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
kmdd33
V2EX  ›  问与答

小伙伴们有谁用过 cloudflare? console 出现了一个 error: failed to load resource: the server responded with a status of 404

  •  
  •   kmdd33 · 2017-04-02 17:53:05 +08:00 · 7970 次点击
    这是一个创建于 2828 天前的主题,其中的信息可能已经有所发展或是发生改变。

    搞了一天还没有搞定,周末的一天眼看过去了, google 也不行。先上贴图:

    chrome : https://cl.ly/132h1I2P2U3ihttps://cl.ly/3t0h2C3t2N2T/annotate

    firefox : https://cl.ly/2T3p0X100P3K network 截图(登陆页面): https://cl.ly/2H3T3C3d3i3e

    错误显示: Failed to load resource: the server responded with a status of 404 ()

    firefox 显示 4 个升级 http 到 https 的请求,我应该如何升级呢?我添加了 add_header Content-Security-Policy upgrade-insecure-requests;这样操作对吗?

    自己一开始为了消除 mixed contents 错误,把 nginx 里面的 nginx.conf 的 server {}中添加

    server { ...

    add_header Content-Security-Policy upgrade-insecure-requests;

    ...} 请伙伴们指导 环境状态:用了 cloudflare 的 cdn 和 ssl

    8 条回复    2017-04-05 16:20:26 +08:00
    him007
        1
    him007  
       2017-04-02 20:04:07 +08:00 via Android
    404 是资源不存在、路径错误
    http://的你就改为 https://或相对协议 //
    MuMew
        2
    MuMew  
       2017-04-02 20:17:47 +08:00
    用代理了的话检查代理,没代理 https://www.cloudflare.com/ 或者用代理
    MuMew
        3
    MuMew  
       2017-04-02 20:22:33 +08:00
    还有你 cloudflare 控制台里设置对了吗
    Antidictator
        4
    Antidictator  
       2017-04-02 20:51:03 +08:00 via Android
    kmdd33
        5
    kmdd33  
    OP
       2017-04-02 23:10:51 +08:00 via iPad
    @him007 一个一个改太麻烦了,我添加的 add_header Content-security-Policy upgrade-secure-requesrts 的目的就是让 http 升级到 https 的。
    kmdd33
        6
    kmdd33  
    OP
       2017-04-02 23:16:38 +08:00 via iPad
    @Antidictator 跟你设置的 301 重定向完全一致。也解决了 mixed content 的错误
    imxieke
        7
    imxieke  
       2017-04-03 00:45:18 +08:00 via Android
    不知道是不是运气问题 我前几天注册了个非主流后缀域名 使用 Cloudflare
    但是分配的 ip 我这边可以 ping 通 但是页面打不开。。 开代理就正常
    kmdd33
        8
    kmdd33  
    OP
       2017-04-05 16:20:26 +08:00
    自己的 nginx.conf 配置如下:
    user www www;

    worker_processes auto;

    error_log /home/wwwlogs/nginx_error.log crit;

    pid /usr/local/nginx/logs/nginx.pid;

    #Specifies the value for maximum file descriptors that can be opened by this process.
    worker_rlimit_nofile 51200;

    events
    {
    use epoll;
    worker_connections 51200;
    multi_accept on;
    }

    http
    {
    map $http_cf_ipcountry $allow {
    default yes;
    CN yes;
    RU no;
    US yes;
    }
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 50m;

    sendfile on;
    tcp_nopush on;

    keepalive_timeout 60;

    tcp_nodelay on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 256k;

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
    gzip_vary on;
    gzip_proxied expired no-cache no-store private auth;
    gzip_disable "MSIE [1-6]\.";

    #limit_conn_zone $binary_remote_addr zone=perip:10m;
    ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

    server_tokens off;
    access_log off;

    server
    {
    if ($allow = no) {
    return 403;
    }
    location / {

    add_header 'Access-Control-Allow-Origin' 'https://www.mydomain.com';
    }


    add_header Content-Security-Policy upgrade-insecure-requests;
    add_header 'Access-Control-Allow-origin' 'https://www.mydomain.com';
    add_header 'Access-Control-Allow-Methods' 'GET, POST';
    # Cross domain webfont access
    location = /favicon.ico { log_not_found off; access_log off; }

    location = /robots.txt { log_not_found off; access_log off; allow all; }

    location ~* .(ogg|ogv|mp4|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    add_header "Access-Control-Allow-Origin" "https://www.mydomain.com";
    add_header "Timing-Allow-Origin" "*";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    expires max;
    log_not_found off;
    }

    location ~* .(ttf|ttc|otf|eot|woff|woff2|svg|svgz)$ {
    add_header "Access-Control-Allow-Origin" "https://www.mydomain.com";
    add_header "Timing-Allow-Origin" "*";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    expires max;
    log_not_found off;
    }

    listen 80 default_server;
    listen 443 default_server;
    #listen [::]:80 default_server ipv6only=on;
    server_name www.mydomain.com;
    index index.html index.htm index.php;
    root /home/wwwroot/default;

    #error_page 404 /404.html;
    include enable-php.conf;

    location /nginx_status
    {
    stub_status on;
    access_log off;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
    expires 30d;
    }

    location ~ .*\.(js|css)?$
    {
    expires 12h;
    }



    location ~ /\.
    {
    deny all;
    }


    access_log /home/wwwlogs/access.log;
    }
    include vhost/*.conf;
    }
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5852 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 24ms · UTC 03:04 · PVG 11:04 · LAX 19:04 · JFK 22:04
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.