473,238 Members | 1,750 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,238 software developers and data experts.

Security Dialog box in Internet Explorer

I am facing a strange problem with my web site. Afer reinstalling the web
application on the web server, I am getting a dialog box for each page. The
dialog box has the following information.

"This page contains both secure and nonsecure items. Do you want to display
the nonsecure items."

It was not happening before. I have searched in internet for removing the
dialog box. This is the solution that I got

1) Go to Internet options
2) Click on security Tab
3) Click Custom Level Button
4) Scroll to Miscellaneous Section
5) click on "Disable" radio button for the group Display mixed Content.

AFter doing the above, the dialog box is no more displayed. But my web
application will be access by more than 1000 users and it is very weired to
asked them to do the above settings. I am sure it was working perfectly fine
before. I want to understand this problem very well and troubleshoot it. My
page does not contain any harmful components. It is created in ASP.net and
C#. Even the most simple page is giving me this dialog box.

I am using the internet explorer versino 6.0.2800.1106

It would be great if the experts there could give me any idea why this is
happening. Again, I do not want the client to make modifications to the
options in their internet explorer to get rid of this dialog box.

Thanks in advance

Pradeep_tp
Nov 19 '05 #1
6 2081
Pradeep,

The most common cause of this and what is meant by "mixed content" is images
that are being linked to via a non-secure address but being displayed on a
secure page (or any other display item being linked to for that matter). If
you are connecting to any page of your web site via an https link then that
page's images src tag should either use use relative links
src="/images/myimage.jpg" so that the full link will be built out via https
or it should contain the full link
src="https://www.mywebsite.com/images/myimage.jpg".

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
news:61**********************************@microsof t.com...
I am facing a strange problem with my web site. Afer reinstalling the web
application on the web server, I am getting a dialog box for each page.
The
dialog box has the following information.

"This page contains both secure and nonsecure items. Do you want to
display
the nonsecure items."

It was not happening before. I have searched in internet for removing the
dialog box. This is the solution that I got

1) Go to Internet options
2) Click on security Tab
3) Click Custom Level Button
4) Scroll to Miscellaneous Section
5) click on "Disable" radio button for the group Display mixed Content.

AFter doing the above, the dialog box is no more displayed. But my web
application will be access by more than 1000 users and it is very weired
to
asked them to do the above settings. I am sure it was working perfectly
fine
before. I want to understand this problem very well and troubleshoot it.
My
page does not contain any harmful components. It is created in ASP.net and
C#. Even the most simple page is giving me this dialog box.

I am using the internet explorer versino 6.0.2800.1106

It would be great if the experts there could give me any idea why this is
happening. Again, I do not want the client to make modifications to the
options in their internet explorer to get rid of this dialog box.

Thanks in advance

Pradeep_tp

Nov 19 '05 #2
Hi justin,

I have checked the source tag of all the images but did not find any src
attribute pointing to any unsecured URL. "src" attribute is pointing to the
images folder on the same server with "https" protocol. for example all the
image src attribute has the following format.

https://staging.myserver.com/mywebapp/images/home.gif

It would be great if you could throw more light on it.

cheers!!
pradeeptp

"S. Justin Gengo" wrote:
Pradeep,

The most common cause of this and what is meant by "mixed content" is images
that are being linked to via a non-secure address but being displayed on a
secure page (or any other display item being linked to for that matter). If
you are connecting to any page of your web site via an https link then that
page's images src tag should either use use relative links
src="/images/myimage.jpg" so that the full link will be built out via https
or it should contain the full link
src="https://www.mywebsite.com/images/myimage.jpg".

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
news:61**********************************@microsof t.com...
I am facing a strange problem with my web site. Afer reinstalling the web
application on the web server, I am getting a dialog box for each page.
The
dialog box has the following information.

"This page contains both secure and nonsecure items. Do you want to
display
the nonsecure items."

It was not happening before. I have searched in internet for removing the
dialog box. This is the solution that I got

1) Go to Internet options
2) Click on security Tab
3) Click Custom Level Button
4) Scroll to Miscellaneous Section
5) click on "Disable" radio button for the group Display mixed Content.

AFter doing the above, the dialog box is no more displayed. But my web
application will be access by more than 1000 users and it is very weired
to
asked them to do the above settings. I am sure it was working perfectly
fine
before. I want to understand this problem very well and troubleshoot it.
My
page does not contain any harmful components. It is created in ASP.net and
C#. Even the most simple page is giving me this dialog box.

I am using the internet explorer versino 6.0.2800.1106

It would be great if the experts there could give me any idea why this is
happening. Again, I do not want the client to make modifications to the
options in their internet explorer to get rid of this dialog box.

Thanks in advance

Pradeep_tp


Nov 19 '05 #3
And what if you check the IIS log server side for non HTTPS GETs ?

--
Patrice

"pradeep_TP" <pr*******@discussions.microsoft.com> a écrit dans le message
de news:69**********************************@microsof t.com...
Hi justin,

I have checked the source tag of all the images but did not find any src
attribute pointing to any unsecured URL. "src" attribute is pointing to the images folder on the same server with "https" protocol. for example all the image src attribute has the following format.

https://staging.myserver.com/mywebapp/images/home.gif

It would be great if you could throw more light on it.

cheers!!
pradeeptp

"S. Justin Gengo" wrote:
Pradeep,

The most common cause of this and what is meant by "mixed content" is images that are being linked to via a non-secure address but being displayed on a secure page (or any other display item being linked to for that matter). If you are connecting to any page of your web site via an https link then that page's images src tag should either use use relative links
src="/images/myimage.jpg" so that the full link will be built out via https or it should contain the full link
src="https://www.mywebsite.com/images/myimage.jpg".

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
news:61**********************************@microsof t.com...
I am facing a strange problem with my web site. Afer reinstalling the web application on the web server, I am getting a dialog box for each page. The
dialog box has the following information.

"This page contains both secure and nonsecure items. Do you want to
display
the nonsecure items."

It was not happening before. I have searched in internet for removing the dialog box. This is the solution that I got

1) Go to Internet options
2) Click on security Tab
3) Click Custom Level Button
4) Scroll to Miscellaneous Section
5) click on "Disable" radio button for the group Display mixed Content.
AFter doing the above, the dialog box is no more displayed. But my web
application will be access by more than 1000 users and it is very weired to
asked them to do the above settings. I am sure it was working perfectly fine
before. I want to understand this problem very well and troubleshoot it. My
page does not contain any harmful components. It is created in ASP.net and C#. Even the most simple page is giving me this dialog box.

I am using the internet explorer versino 6.0.2800.1106

It would be great if the experts there could give me any idea why this is happening. Again, I do not want the client to make modifications to the options in their internet explorer to get rid of this dialog box.

Thanks in advance

Pradeep_tp


Nov 19 '05 #4
hi patrice,

You have given me an interesting clue. So you mean to say that, IIS creates
log for these security warnings. Can you please tell me how can i check IIS
log.

Thanks
pradeep_tp

"Patrice" wrote:
And what if you check the IIS log server side for non HTTPS GETs ?

--
Patrice

"pradeep_TP" <pr*******@discussions.microsoft.com> a écrit dans le message
de news:69**********************************@microsof t.com...
Hi justin,

I have checked the source tag of all the images but did not find any src
attribute pointing to any unsecured URL. "src" attribute is pointing to

the
images folder on the same server with "https" protocol. for example all

the
image src attribute has the following format.

https://staging.myserver.com/mywebapp/images/home.gif

It would be great if you could throw more light on it.

cheers!!
pradeeptp

"S. Justin Gengo" wrote:
Pradeep,

The most common cause of this and what is meant by "mixed content" is images that are being linked to via a non-secure address but being displayed on a secure page (or any other display item being linked to for that matter). If you are connecting to any page of your web site via an https link then that page's images src tag should either use use relative links
src="/images/myimage.jpg" so that the full link will be built out via https or it should contain the full link
src="https://www.mywebsite.com/images/myimage.jpg".

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
news:61**********************************@microsof t.com...
>I am facing a strange problem with my web site. Afer reinstalling the web > application on the web server, I am getting a dialog box for each page. > The
> dialog box has the following information.
>
> "This page contains both secure and nonsecure items. Do you want to
> display
> the nonsecure items."
>
> It was not happening before. I have searched in internet for removing the > dialog box. This is the solution that I got
>
> 1) Go to Internet options
> 2) Click on security Tab
> 3) Click Custom Level Button
> 4) Scroll to Miscellaneous Section
> 5) click on "Disable" radio button for the group Display mixed Content. >
> AFter doing the above, the dialog box is no more displayed. But my web
> application will be access by more than 1000 users and it is very weired > to
> asked them to do the above settings. I am sure it was working perfectly > fine
> before. I want to understand this problem very well and troubleshoot it. > My
> page does not contain any harmful components. It is created in ASP.net and > C#. Even the most simple page is giving me this dialog box.
>
> I am using the internet explorer versino 6.0.2800.1106
>
> It would be great if the experts there could give me any idea why this is > happening. Again, I do not want the client to make modifications to the > options in their internet explorer to get rid of this dialog box.
>
> Thanks in advance
>
> Pradeep_tp
>
>


Nov 19 '05 #5
Pradeep,

Patrice is steering you in the correct direction. If you images aren't the
cause of the problem then some other link/object is. And the logs are the
quickest way to find them. IIS automatically logs all requests to the
server. How your server is set up will make a difference on where those logs
may be stored. Do you have full access to your server or are you using a
hosting company?

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
news:AF**********************************@microsof t.com...
hi patrice,

You have given me an interesting clue. So you mean to say that, IIS
creates
log for these security warnings. Can you please tell me how can i check
IIS
log.

Thanks
pradeep_tp

"Patrice" wrote:
And what if you check the IIS log server side for non HTTPS GETs ?

--
Patrice

"pradeep_TP" <pr*******@discussions.microsoft.com> a écrit dans le
message
de news:69**********************************@microsof t.com...
> Hi justin,
>
> I have checked the source tag of all the images but did not find any
> src
> attribute pointing to any unsecured URL. "src" attribute is pointing to

the
> images folder on the same server with "https" protocol. for example
> all

the
> image src attribute has the following format.
>
> https://staging.myserver.com/mywebapp/images/home.gif
>
> It would be great if you could throw more light on it.
>
> cheers!!
> pradeeptp
>
> "S. Justin Gengo" wrote:
>
> > Pradeep,
> >
> > The most common cause of this and what is meant by "mixed content" is

images
> > that are being linked to via a non-secure address but being displayed
> > on

a
> > secure page (or any other display item being linked to for that
> > matter).

If
> > you are connecting to any page of your web site via an https link
> > then

that
> > page's images src tag should either use use relative links
> > src="/images/myimage.jpg" so that the full link will be built out via

https
> > or it should contain the full link
> > src="https://www.mywebsite.com/images/myimage.jpg".
> >
> > --
> > Sincerely,
> >
> > S. Justin Gengo, MCP
> > Web Developer / Programmer
> >
> > www.aboutfortunate.com
> >
> > "Out of chaos comes order."
> > Nietzsche
> > "pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
> > news:61**********************************@microsof t.com...
> > >I am facing a strange problem with my web site. Afer reinstalling
> > >the

web
> > > application on the web server, I am getting a dialog box for each

page.
> > > The
> > > dialog box has the following information.
> > >
> > > "This page contains both secure and nonsecure items. Do you want to
> > > display
> > > the nonsecure items."
> > >
> > > It was not happening before. I have searched in internet for
> > > removing

the
> > > dialog box. This is the solution that I got
> > >
> > > 1) Go to Internet options
> > > 2) Click on security Tab
> > > 3) Click Custom Level Button
> > > 4) Scroll to Miscellaneous Section
> > > 5) click on "Disable" radio button for the group Display mixed

Content.
> > >
> > > AFter doing the above, the dialog box is no more displayed. But my
> > > web
> > > application will be access by more than 1000 users and it is very

weired
> > > to
> > > asked them to do the above settings. I am sure it was working

perfectly
> > > fine
> > > before. I want to understand this problem very well and
> > > troubleshoot

it.
> > > My
> > > page does not contain any harmful components. It is created in
> > > ASP.net

and
> > > C#. Even the most simple page is giving me this dialog box.
> > >
> > > I am using the internet explorer versino 6.0.2800.1106
> > >
> > > It would be great if the experts there could give me any idea why
> > > this

is
> > > happening. Again, I do not want the client to make modifications to

the
> > > options in their internet explorer to get rid of this dialog box.
> > >
> > > Thanks in advance
> > >
> > > Pradeep_tp
> > >
> > >
> >
> >
> >


Nov 19 '05 #6
No it doesn't record this directly. Basically it records all HTTP(S)
requests sent to the server. You have a log for each website under
system32\logfiles. See
http://support.microsoft.com/default...300390&sd=tech for
details...

In the log, the "port" column should be 80 for HTTP and 443 for HTTPS. It
will allow easily to see which resources are accessed using HTTP instead of
HTTPS as it seems you can't find them from the HTML markup (or double check
the CSS files, or possible IFRAMEs).

---
Patrice

"pradeep_TP" <pr*******@discussions.microsoft.com> a écrit dans le message
de news:AF**********************************@microsof t.com...
hi patrice,

You have given me an interesting clue. So you mean to say that, IIS creates log for these security warnings. Can you please tell me how can i check IIS log.

Thanks
pradeep_tp

"Patrice" wrote:
And what if you check the IIS log server side for non HTTPS GETs ?

--
Patrice

"pradeep_TP" <pr*******@discussions.microsoft.com> a écrit dans le message de news:69**********************************@microsof t.com...
Hi justin,

I have checked the source tag of all the images but did not find any src attribute pointing to any unsecured URL. "src" attribute is pointing to
the
images folder on the same server with "https" protocol. for example
all the
image src attribute has the following format.

https://staging.myserver.com/mywebapp/images/home.gif

It would be great if you could throw more light on it.

cheers!!
pradeeptp

"S. Justin Gengo" wrote:

> Pradeep,
>
> The most common cause of this and what is meant by "mixed content"
is images
> that are being linked to via a non-secure address but being
displayed on a
> secure page (or any other display item being linked to for that
matter). If
> you are connecting to any page of your web site via an https link
then that
> page's images src tag should either use use relative links
> src="/images/myimage.jpg" so that the full link will be built out
via https
> or it should contain the full link
> src="https://www.mywebsite.com/images/myimage.jpg".
>
> --
> Sincerely,
>
> S. Justin Gengo, MCP
> Web Developer / Programmer
>
> www.aboutfortunate.com
>
> "Out of chaos comes order."
> Nietzsche
> "pradeep_TP" <pr*******@discussions.microsoft.com> wrote in message
> news:61**********************************@microsof t.com...
> >I am facing a strange problem with my web site. Afer reinstalling
the web
> > application on the web server, I am getting a dialog box for each

page.
> > The
> > dialog box has the following information.
> >
> > "This page contains both secure and nonsecure items. Do you want
to > > display
> > the nonsecure items."
> >
> > It was not happening before. I have searched in internet for removing the
> > dialog box. This is the solution that I got
> >
> > 1) Go to Internet options
> > 2) Click on security Tab
> > 3) Click Custom Level Button
> > 4) Scroll to Miscellaneous Section
> > 5) click on "Disable" radio button for the group Display mixed

Content.
> >
> > AFter doing the above, the dialog box is no more displayed. But my
web > > application will be access by more than 1000 users and it is very

weired
> > to
> > asked them to do the above settings. I am sure it was working

perfectly
> > fine
> > before. I want to understand this problem very well and

troubleshoot it.
> > My
> > page does not contain any harmful components. It is created in
ASP.net and
> > C#. Even the most simple page is giving me this dialog box.
> >
> > I am using the internet explorer versino 6.0.2800.1106
> >
> > It would be great if the experts there could give me any idea why
this is
> > happening. Again, I do not want the client to make modifications
to the
> > options in their internet explorer to get rid of this dialog box.
> >
> > Thanks in advance
> >
> > Pradeep_tp
> >
> >
>
>
>


Nov 19 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

12
by: Ümit | last post by:
Microsoft Never sends security patches via e-mail. This exe file may be a virus or a trojan. "Eija Silvennoinen" <kpidxbg_erbm@ogqj.com> wrote in message...
2
by: Angel | last post by:
how does one create a web page dialog? I was astonished to find in Hotmail when you empty your junkmail box in hotmail that a explorer window pops up and emulates as a dialog window but with a custom...
6
by: Fred | last post by:
I have implemented a dialog box (an aspx page) using showModalDialog. Because the dialog needs to process postbacks, I have implemented it in a frameset. In the top of the framset page, I have...
1
by: SrDhUS | last post by:
I get the following error when I try to add a web reference using Web Reference Dialog (VS .Net 2003) Error "The proxy settings on this computer are not configured correctly for web discovery."...
2
by: Charles Mifsud | last post by:
Hi all, We have an asp.net 2.0 page with a button. On clicking the button we redirect to another page which downloads a file. When we deploy on the web server we are gretting a security...
4
by: NormD | last post by:
I am running Windows XP, and IE version 6.0.2900 on my desktop. It has the ..Net Framework Service Pack 1 installed on it. Security was turned off on the machine using "CASPOL -s off". A .Net...
3
by: SpaceMarine | last post by:
sorry for the near-dupe post (also in .security), but im desperately trying to find an answer to this... i am attempting to configure security for an intranet web application in ASP.NET 2. it...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.