“阻止加载混合主动内容”与字体相关的问题

支持
1

I see next errors in browser console.
But I can’t find how to fix that - everything works fine, https:// from the beginning. I’ve tried to relaunch wizard to use different fonts - but it doesn’t help.
Any ideas how can I try to fix this? Thanks!


Blocked loading mixed active content “http://<domain>.com/fonts/Mukta-Bold.ttf?v=0.0.8”

[css-logic.js:517:31](resource://devtools/shared/inspector/css-logic.js)

Blocked loading mixed active content “http://<domain>.com/fonts/Mukta-Regular.ttf?v=0.0.8”

[css-logic.js:517:31](resource://devtools/shared/inspector/css-logic.js)

Blocked loading mixed active content “http://<domain>.com/fonts/Mukta-Regular.ttf?v=0.0.8”

[all_results](https://<domain>.com/admin/site_settings/category/all_results?filter=extensions)

downloadable font: failed to start download (font-family: "Mukta" style:normal weight:400 stretch:100 src index:0): content blocked source: http://<domain>.com/fonts/Mukta-Regular.ttf?v=0.0.8

Blocked loading mixed active content “http://<domain>.com/fonts/Mukta-Bold.ttf?v=0.0.8”

[all_results](https://<domain>.com/admin/site_settings/category/all_results?filter=extensions)

downloadable font: failed to start download (font-family: "Mukta" style:normal weight:700 stretch:100 src index:0): content blocked source: http://<domain>.com/fonts/Mukta-Bold.ttf?v=0.0.8
1 个赞
2

Do the URLs of the mentioned resources inside the page actually begin with “https”? Any resource loaded with an “http” URL will be considered mixed content.

One hack/bandaid you can use is to include the following header in the offending page:

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

That will “encourage” the mixed resources to be loaded over “https” while you find the root causes.

1 个赞
3

@griffin Thanks for the answer!
I have usual Discourse installed by

discourse-setup

my domain is under https and all works well (including images, attachments, etc.)
But I’m receiving the errors about fonts (same Discourse).

Seems to fix the issue. Thanks!

The root of the issue is still not clear, but maybe I’ll investigate it later.

1 个赞
4

Glad the bandaid :adhesive_bandage: worked! :blush:

It’s likely that some of the URLs for loading your font packages have “http” in them. This frequently happens with CSS @font-face rules when using url sources and with the Google Fonts API.

1 个赞
5

@griffin yeah, the thing is that “http” leads to my discourse :slight_smile: and the fonts are that I choose from the Discourse Wizard

1 个赞
6

Would you mind sharing a URL of a page on which this happens?

1 个赞
7

Done - see personal message

1 个赞
8

To Discourse Team:

Bandaid works for now. Bug persists in standard Discourse installation font selection. May only be evident in desktop view and not mobile.

2 个赞
9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.