I am modifying an existing ASP.NET application to make it SSL
compatible. I have already searched the codebase and eliminated all
hardcoded "http" instances, replacing them with a method call that
returns the appropriate ("http" or "https") value in a given context. I
have also modified all iframe instances to ensure they always have a
valid src. But, when I run the application, I still encounter the
following Security dialog in IE:
Security Information
This page contains both secure and nonsecure items.
Do you want to display the nonsecure items?
(Yes) (No) (More Info)
My problem is that I can't figure out what is causing IE to report this
problem. Changing the settings in IE, while a popular solution in the
ie groups, is not a solution. I need to fix the underlying problem in
the application to provide users an acceptable user experience.
I tried using Fiddler to capture the non-SSL traffic from the browser
to IIS, but it would appear there is no traffic associated with the
warning, at least not traffic that Fiddler would intercept.
Unfortunately, because of the characteristics of the specific window
encountering the problem, I can not display the page's source (the
right click IE menu is being surpressed).
Anyone have any ideas?
IS there something other than a reference through an explicit "http:"
or an iframe without a non-null src specified that cause this dialog to
be displayed?
Hasn't someone built a plugin for IIS that would allow for monitoring
SSL traffic? Or, something to act as IE? (unfortunately, this is a very
IE dependent application, so I can't experiment with alternate browsers
unless they are fully IE compatible).
Thank you in advance for your help,
Marc 2 1924 ma*********@gma il.com wrote: I am modifying an existing ASP.NET application to make it SSL compatible. I have already searched the codebase and eliminated all hardcoded "http" instances, replacing them with a method call that returns the appropriate ("http" or "https") value in a given context. I have also modified all iframe instances to ensure they always have a valid src. But, when I run the application, I still encounter the following Security dialog in IE:
Security Information
This page contains both secure and nonsecure items.
Do you want to display the nonsecure items?
(Yes) (No) (More Info)
My problem is that I can't figure out what is causing IE to report this problem. Changing the settings in IE, while a popular solution in the ie groups, is not a solution. I need to fix the underlying problem in the application to provide users an acceptable user experience.
I tried using Fiddler to capture the non-SSL traffic from the browser to IIS, but it would appear there is no traffic associated with the warning, at least not traffic that Fiddler would intercept.
Unfortunately, because of the characteristics of the specific window encountering the problem, I can not display the page's source (the right click IE menu is being surpressed).
Anyone have any ideas?
IS there something other than a reference through an explicit "http:" or an iframe without a non-null src specified that cause this dialog to be displayed?
Hasn't someone built a plugin for IIS that would allow for monitoring SSL traffic? Or, something to act as IE? (unfortunately, this is a very IE dependent application, so I can't experiment with alternate browsers unless they are fully IE compatible).
Thank you in advance for your help, Marc
SRC links (IMG, META, SCRIPT, etc) being fully qualified to non ssl
site, pathed to outside the site, etc.
--
Curt Christianson
site: http://www.darkfalz.com
blog: http://blog.darkfalz.com
Are you saying that Intellisense meta tags can cause these error
dialogs? I thought they were only evaluated at design time and wouldn't
impact production operation?
If Intellisense URLs do impact the Secure content warning, can they be
specified with SSL, i.e. https:, paths?
--
Sent via .NET Newsgroups http://www.dotnetnewsgroups.com This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Charles A. Lackman |
last post by:
Hello, I have a web site that has a single page secured using SSL. This
page also has Flash Macromedia header on it, Does this cause a conflict?
When you visit the site it says, "This page contains both secure and
nonsecure items. Do you wnat to display the nonsecure items?"
If you click yes, there is no lock at the bottom right corner of the page,
it you select no then there is a lock. Regardless of whether you click yes
or no the...
|
by: VB Programmer |
last post by:
I created an ASP.NET website and recently got a secure certificate.
Whenever I visit any of the pages IE says
"This page contains both secure and nonsecure items. Do you want to display
the nonsecure items?"
What is considered secure and nonsecure? As the developer how can I create
the pages so this message doesn't appear?
Thanks!
|
by: todd.freed |
last post by:
Hey all,
I have been racking my brain all morning to find a solution to this,
and I am having no luck. Our webpage is created with Visual Studio C#
and ASP.Net, hosted in-house using HTTPS with SSL. We got it up and
running great in Dev but once we put it up on the secure server (HTTPS)
we started getting Security Alert messages saying "This page contains
both secure and nonsecure items." - It displays several of these on
every page of...
|
by: Mantorok |
last post by:
Hi all
This has been driving me nuts for months now, if I access my site from IE
https://db.cornwall.gov.uk/PlanningApplications and then hover over one of
the 2-level menus it comes up with the message:
"This page contains both secure and nonsecure items. Do you want to display
the nonsecure items?"
I've confirmed that there are "no" nonsecure items on this site, it works ok
|
by: =?Utf-8?B?cGF0cmlja2RyZA==?= |
last post by:
Hi guys!
I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?
Thanks in advance!
| |
by: DBLWizard |
last post by:
Howdy All,
I'm fighting with IE on a secure site where I am trying to set the
location of a frame from within javascript using code similar to this.
sHref = "DocumentViewPDF.asp?DocumentType=<%=sDocumentType
%>&Instrument=" + sInstrument;
objFrameImage = window.top.frames;
objFrameImage.location = sHref;
|
by: mikek12004 |
last post by:
I have recently put https on a page with certificate and everything but when I type https://.. in IE I get the message "this page contains both secure and nonsecure items" why? What is the nonsecure componets? I do not call anything outside the web directory of my domain and when I open to windows I choose 'yes' in one and no in the other (which then displays the 'lock') the 2 views are exactly the same! (thought that whatever made the problem...
|
by: tomaz |
last post by:
Hi
I have a website with multiple included js-files, included css-files...
There is a virtual keyboard programmed (for touchscreen use)
the moment I click on the keyboard icon to open the javascript keyboard, I get following error:
This page contains both secure and nonsecure items.
Do you want to display the nonsecure items.
I get this message only when connecting through https (ssl).
|
by: tomaz |
last post by:
Hi
I created an intranet over https.
some clients still use Internet Explorer 5.01, this can't be changed :(
Now I have following problem:
When I click on a navigation button BEFORE the page is fully loaded, I get following message:
This page contains both secure and nonsecure items.
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |