http升级https的时候，遇到一个问题

问题：

Mixed Content: The page at ‘https://api.xxxx.com/test‘ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://api.xxxx.com/test‘. This request has been blocked; the content must be served over HTTPS.

添加这个：

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

参考：

http://thehackernews.com/2015/04/disable-mixed-content-warning.html