站点遇到下面的问题
Access to CSS stylesheet at 'http://wiki.xxx.com/xxx/styles.css' from origin 'http://wiki.xxx.net' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `local`.Access to image at 'http://wiki.xxx.com/xxx.svg' from origin 'http://wiki.xxx.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `local`.Access to resource at 'http://wiki.xxx.com/favicon.ico' from origin 'http://wiki.xxx.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `local`.Access to script at xxx
现象
突然就出现上面的错误了,资源加载不出来,请求包 CORS 错误,从请求上来看,像是请求的资源被缓存了,但加载不到,报了以上错误。
原因
Chrome更新至94版本时,引入了弃用试验,部分用户升级后chrome会阻止Private Network request。
Private Network request 是指目标站点的ip地址比请求发起者的ip地址更加私密。
例如,从公共网站 example.com 到私有网站 router.local 的请求,或从私有网站到 localhost 的请求。
更新日志参看:https://developer.chrome.com/blog/private-network-access-update/
解决方案
就是关闭这个新特性,不要让它禁用(记得重启)
浏览器输入:chrome://flags/#block-insecure-private-network-requests
这里还有个问题,我这边是最新的 chrome@103 版本,以上问题并不是稳定复现的,很小概率才遇到此问题,而且多刷新几次就好了。
所以很疑问上面这个报错产生的根源。不要需要再遇到时细细查看日志了。
若有收获,就点个赞吧
0 人点赞
