强制跳转 https 的几种方法

html 文件，head 中加入如下meta

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

javascript 脚本，适用于IIS服务器的 403-4.htm 或者 403.htm

<script type="text/javascript">
var url = window.location.href;
if (url.indexOf("https") < 0) {
    url = url.replace("http:", "https:");
    window.location.replace(url);
}
</script>

php 脚本

if ($_SERVER["HTTPS"] <> "on"){
    $xredir="https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
    header("Location: ".$xredir);
}

.htaccess文件，适用于Apache 配置文件的<Directory>标签内

RewriteEngine on
RewriteBase /yourfolder
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

Nginx服务器，在 server {  ... } 中插入

    rewrite ^(.*)$  https://$host$1 permanent;

 

参考链接 https://www.sslzhengshu.com/article/post-447.html