starred/electerm-web

Fork 0

mirror of https://github.com/electerm/electerm-web.git synced 2026-04-25 05:45:55 +03:00

[GH-ISSUE #24] 希望能支持ssl #20

New issue

Closed

opened 2026-02-26 22:31:15 +03:00 by kerem · 6 comments

kerem commented

2026-02-26 22:31:15 +03:00

Owner

Originally created by @wolfcdd on GitHub (Jun 24, 2025).
Original GitHub issue: https://github.com/electerm/electerm-web/issues/24

What feature you'd like to see or proposal(期望什么新功能/特性或者建议)

希望能直至https，现在只能http访问，使用https会出现如下报错：
Mixed Content: The page at 'https://abc.xxx.com:7072/' was loaded over HTTPS, but requested an insecure stylesheet 'http://10.3.5.77:7072/css/2.91.17-basic.css'. This request has been blocked; the content must be served over HTTPS.

即使在nginx反向代理中增加升级请求的参数也不生效

add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
add_header Content-Security-Policy upgrade-insecure-requests;#自动升级请求，加载 http 资源时自动替换成 https 请求
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Originally created by @wolfcdd on GitHub (Jun 24, 2025). Original GitHub issue: https://github.com/electerm/electerm-web/issues/24 ### What feature you'd like to see or proposal(期望什么新功能/特性或者建议) 希望能直至https，现在只能http访问，使用https会出现如下报错： Mixed Content: The page at 'https://abc.xxx.com:7072/' was loaded over HTTPS, but requested an insecure stylesheet 'http://10.3.5.77:7072/css/2.91.17-basic.css'. This request has been blocked; the content must be served over HTTPS. 即使在nginx反向代理中增加升级请求的参数也不生效 add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header Content-Security-Policy upgrade-insecure-requests;#自动升级请求，加载 http 资源时自动替换成 https 请求 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

kerem closed this issue

2026-02-26 22:31:15 +03:00

kerem commented

2026-02-26 22:31:16 +03:00

Author

Owner

@zxdong262 commented on GitHub (Jun 24, 2025):

运行时候.env里不要设置HOST试试

@zxdong262 commented on GitHub (Jun 24, 2025): 运行时候.env里不要设置HOST试试

kerem commented

2026-02-26 22:31:16 +03:00

Author

Owner

@wolfcdd commented on GitHub (Jun 24, 2025):

运行时候.env里不要设置HOST试试

@zxdong262 env不设置HOST，就完全无法访问。。。

@wolfcdd commented on GitHub (Jun 24, 2025): > 运行时候.env里不要设置HOST试试 @zxdong262 env不设置HOST，就完全无法访问。。。

kerem commented

2026-02-26 22:31:16 +03:00

Author

Owner

@zxdong262 commented on GitHub (Jun 24, 2025):

确定是可以的，前几天在vps部署过，不过我是用443端口，这样可以直接访问https://xxxx.xxx,没有端口号，用certbot申请的证书

@zxdong262 commented on GitHub (Jun 24, 2025): 确定是可以的，前几天在vps部署过，不过我是用443端口，这样可以直接访问https://xxxx.xxx,没有端口号，用certbot申请的证书

kerem commented

2026-02-26 22:31:16 +03:00

Author

Owner

@wolfcdd commented on GitHub (Jun 25, 2025):

确定是可以的，前几天在vps部署过，不过我是用443端口，这样可以直接访问https://xxxx.xxx,没有端口号，用certbot申请的证书

@zxdong262 我使用的是docker版本，我是通过compose创建的，不知道是不是docker版本有特殊的设置，如果我不指定HOST，在LAN中无法访问服务，如果我指定了HOST为0.0.0.0，在LAN里可以正常访问。我也试过把SERVER设置为https，一样不行。

compose如下：

services:
    electerm-web:
        init: true
        restart: always
        container_name: electerm-web
        volumes:
            - /dockermnt/electerm-web/data:/home/electerm/data
        environment:
            - SERVER_SECRET=XXXX
            - SERVER_PASS=XXXX
            - ENABLE_AUTH=1
            - DB_PATH=/home/electerm/data
            - HOST=0.0.0.0
            - SERVER=http://192.168.2.222:7072
# root user
#            - LRR_UID=0
#            - LRR_GID=0
        ports:
            - 7072:5577
        image: zxdong262/electerm-web:latest

@wolfcdd commented on GitHub (Jun 25, 2025): > 确定是可以的，前几天在vps部署过，不过我是用443端口，这样可以直接访问[https://xxxx.xxx,没有端口号，用certbot申请的证书](https://xxxx.xxx,%E6%B2%A1%E6%9C%89%E7%AB%AF%E5%8F%A3%E5%8F%B7%EF%BC%8C%E7%94%A8certbot%E7%94%B3%E8%AF%B7%E7%9A%84%E8%AF%81%E4%B9%A6) @zxdong262 我使用的是docker版本，我是通过compose创建的，不知道是不是docker版本有特殊的设置，如果我不指定HOST，在LAN中无法访问服务，如果我指定了HOST为0.0.0.0，在LAN里可以正常访问。我也试过把SERVER设置为https，一样不行。 compose如下： ``` services: electerm-web: init: true restart: always container_name: electerm-web volumes: - /dockermnt/electerm-web/data:/home/electerm/data environment: - SERVER_SECRET=XXXX - SERVER_PASS=XXXX - ENABLE_AUTH=1 - DB_PATH=/home/electerm/data - HOST=0.0.0.0 - SERVER=http://192.168.2.222:7072 # root user # - LRR_UID=0 # - LRR_GID=0 ports: - 7072:5577 image: zxdong262/electerm-web:latest ```

kerem commented

2026-02-26 22:31:16 +03:00

Author

Owner

@zxdong262 commented on GitHub (Jun 25, 2025):

抱歉我说错了，不要设置SERVER试试

@zxdong262 commented on GitHub (Jun 25, 2025): 抱歉我说错了，不要设置SERVER试试

kerem commented

2026-02-26 22:31:16 +03:00

Author

Owner

@wolfcdd commented on GitHub (Jun 26, 2025):

抱歉我说错了，不要设置SERVER试试

@zxdong262 OK 已解决，希望能支持MFA，这样在外网会更加安全。

@wolfcdd commented on GitHub (Jun 26, 2025): > 抱歉我说错了，不要设置SERVER试试 @zxdong262 OK 已解决，希望能支持MFA，这样在外网会更加安全。

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/electerm-web#20

No description provided.

Rows
Columns