解决方案：

<--meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

可以在相应的页面的

This request has been blocked; the content must be served over HTTPS

在 HTTPS 承载的页面上不允许出现 http 请求，一旦出现就是提示或报错：

This request has been blocked; the content must be served over HTTPS

解决方案：

html：

<--meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"/>

php:

header("Content-Security-Policy: upgrade-insecure-requests");

nginx:在server模块增加

add_header Content-Security-Policy "upgrade-insecure-requests;connect-src *";