nginx中https配置 引用HTTP资源报错

通过https访问登录页正常，但是输入账号密码点击登录则报错，在nginx中加上一句就解决问题

add_header Content-Security-Policy upgrade-insecure-requests;

server {

        listen      80;

        listen      443 ssl;

        server_name  www.by-ever.com;

        ssl_certificate ssl/by-ever.com.crt;

        ssl_certificate_key ssl/by-ever.com.key;

        ssl_session_cache shared:SSL:1m;

        ssl_session_timeout  10m;

        ssl_ciphers HIGH:!aNULL:!MD5;

        ssl_prefer_server_ciphers on;

        location / {

            #proxy_set_header Host  $host:$server_port;

            #proxy_set_header X-Forwarded-For  $remote_addr;

            #proxy_pass http://backend_tyapi;

            root  html;

            index  index.html index.htm;

        }

        location /edu330 {

            proxy_set_header X-Real-IP $remote_addr;

            proxy_set_header X-Forworded-For $proxy_add_x_forwarded_for;

            proxy_pass http://127.0.0.1:8080/edu330/;

        }

        error_page  500 502 503 504  /50x.html;

        location = /50x.html {

            root  html;

        }

        #允许跨域请求的域，*代表所有

        add_header 'Access-Control-Allow-Origin'  '*';

        #允许带上cookie请求

        add_header 'Access-Control-Allow-Credentials'  'true';

        #允许请求的方法，比如 GET/POST/PUT/DELETE

        add_header 'Access-Control-Allow-Methods'  '*';

        #允许请求的header

        add_header 'Access-Control-Allow-Headers'  '*';

        add_header Content-Security-Policy upgrade-insecure-requests;

}