By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,273 Members | 1,032 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,273 IT Pros & Developers. It's quick & easy.

Secure and Nonsecure items

P: n/a
Hey all,

I have been racking my brain all morning to find a solution to this,
and I am having no luck. Our webpage is created with Visual Studio C#
and ASP.Net, hosted in-house using HTTPS with SSL. We got it up and
running great in Dev but once we put it up on the secure server (HTTPS)
we started getting Security Alert messages saying "This page contains
both secure and nonsecure items." - It displays several of these on
every page of the site. Regardless of whether I select yes or no, the
page displays identically. I realise that if you change the settings in
IE for "display mixed content" to 'enable' that fixes the problem.
However, telling our customers to alter thier security settings for our
site is unacceptable.

I am looking for a server-side solution to this problem. What in our
webpage is causing this error?? All images are being displayed with
relevant anchors.

Thanks,

Todd

Nov 23 '05 #1
Share this Question
Share on Google+
8 Replies


P: n/a
You need to place your images in a secure directory, too.

Your files are being served from https://yoursite
While your images are being served from http://yoursite/images

Notice the protocol difference.
Secure your images directory, and the problem should disappear.


Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Espaņol : http://asp.net.do/foros/
======================================
<to********@gmail.com> wrote in message
news:11**********************@g47g2000cwa.googlegr oups.com...
Hey all,

I have been racking my brain all morning to find a solution to this,
and I am having no luck. Our webpage is created with Visual Studio C#
and ASP.Net, hosted in-house using HTTPS with SSL. We got it up and
running great in Dev but once we put it up on the secure server (HTTPS)
we started getting Security Alert messages saying "This page contains
both secure and nonsecure items." - It displays several of these on
every page of the site. Regardless of whether I select yes or no, the
page displays identically. I realise that if you change the settings in
IE for "display mixed content" to 'enable' that fixes the problem.
However, telling our customers to alter thier security settings for our
site is unacceptable.

I am looking for a server-side solution to this problem. What in our
webpage is causing this error?? All images are being displayed with
relevant anchors.

Thanks,

Todd

Nov 23 '05 #2

P: n/a
Juan,

The base directory for both the files and the images is secured, and if
you click on each of the images being displayed on the page to view
properties, they each have a https://mysite link.

The only thing I can think of, is the number of popups displayed seems
to be related to the number of application containers on the page. For
example, I have one page that is very simple, it displays a list of
data in 4 columns. These are formatted into 4 <td>'s in each of which
there is a DataGrid object. When this page is loaded, I get 4 of these
popups. I see similar results all over the site (though it isnt quite
that simple - soimetimes this page gives 5).

Thanks for any advice in advance

Todd

Nov 23 '05 #3

P: n/a
Nevertheless, the *only* possible reason for getting the
"both secure and non-secure items" popup is that you're
-somehow- attempting to include non-secure items in your secure pages.

I thought it might be images. Maybe they're not.

But you're trying to display both "secure" and "non-secure"
items in your pages, otherwise that popup wouldn't pop up.

Look carefully for the non-secure items in your code.
You'll find them. When you do, secure them.

Have you tried to do a very simple test page,
and start adding things to it, until the warning popsup ?

That might be a good way to figure out what's going on.

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Espaņol : http://asp.net.do/foros/
======================================
<to********@gmail.com> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...
Juan,

The base directory for both the files and the images is secured, and if
you click on each of the images being displayed on the page to view
properties, they each have a https://mysite link.

The only thing I can think of, is the number of popups displayed seems
to be related to the number of application containers on the page. For
example, I have one page that is very simple, it displays a list of
data in 4 columns. These are formatted into 4 <td>'s in each of which
there is a DataGrid object. When this page is loaded, I get 4 of these
popups. I see similar results all over the site (though it isnt quite
that simple - soimetimes this page gives 5).

Thanks for any advice in advance

Todd

Nov 23 '05 #4

P: n/a
Does the grid use any images that might be coming from an unsecured
directory?

Like Juan said, something on the page is from a non-secured source.

<to********@gmail.com> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...
Juan,

The base directory for both the files and the images is secured, and if
you click on each of the images being displayed on the page to view
properties, they each have a https://mysite link.

The only thing I can think of, is the number of popups displayed seems
to be related to the number of application containers on the page. For
example, I have one page that is very simple, it displays a list of
data in 4 columns. These are formatted into 4 <td>'s in each of which
there is a DataGrid object. When this page is loaded, I get 4 of these
popups. I see similar results all over the site (though it isnt quite
that simple - soimetimes this page gives 5).

Thanks for any advice in advance

Todd

Nov 23 '05 #5

P: n/a
Well, at long last I have determined the problem. Its the ASP.Net
ExpertMenu we are using from

http://www.aspnetexpert.com/

Im in contact the company now to see if they support SSL. If anyones
had experience with this product before, id appreciate input.

But when I cut it out of the code, everything loads fine. Thanks to
Juan for the idea.

Nov 23 '05 #6

P: n/a
if you hit the page with firefox, you can look at page info->media and see
the unsecure referenece.

-- bruce (sqlwork.com)

<to********@gmail.com> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...
Juan,

The base directory for both the files and the images is secured, and if
you click on each of the images being displayed on the page to view
properties, they each have a https://mysite link.

The only thing I can think of, is the number of popups displayed seems
to be related to the number of application containers on the page. For
example, I have one page that is very simple, it displays a list of
data in 4 columns. These are formatted into 4 <td>'s in each of which
there is a DataGrid object. When this page is loaded, I get 4 of these
popups. I see similar results all over the site (though it isnt quite
that simple - soimetimes this page gives 5).

Thanks for any advice in advance

Todd

Nov 23 '05 #7

P: n/a
For anyone thats interested, got the update of ExpertMenu. Site runs
like a dream now on https =)

Nov 23 '05 #8

P: n/a
Congratulations, Todd!

I'm glad my suggestion pointed you in the right direction,
but you did the real work !

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Espaņol : http://asp.net.do/foros/
======================================
<to********@gmail.com> wrote in message
news:11**********************@z14g2000cwz.googlegr oups.com...
For anyone thats interested, got the update of ExpertMenu. Site runs
like a dream now on https =)

Nov 23 '05 #9

This discussion thread is closed

Replies have been disabled for this discussion.