Problem Description
After deploying the WEB project, the mandatory HTTPS is enabled, and the following error occurs:
Mixed Content: The page at 'https://ask.mllt.vip/index.php/data1.html' was loaded over HTTPS, but requested an insecure favicon 'http://ask.mllt.vip/imgs/profile.png'. This request has been blocked; the content must be served over HTTPS.
problem analysis
The reason for the error is that the current page is loaded by https protocol, but this page initiates an http ajax request, which is illegal. Dynamically introducing HTTP resources in HTTPS pages, such as introducing a js file, will be directly blocked. Requesting HTTP resources through AJAX in HTTPS pages will also be directly blocked.
Solution
You can add this code in the corresponding page, which means to automatically upgrade the unsafe request of http to https
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">