Hi guys!
I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?
Thanks in advance!
10  1623 
Your page will be referencing items using http://. eg
<img src="http://www.someserver.com/someimage.jpg">
To get rid of the warning all items need to be retrieved via https. View
Source on your page and see what you are not getting via https
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:35**********************************@microsof t.com...
Hi guys!
I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?
Thanks in advance!
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:35**********************************@microsof t.com...
I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?
The warning can be switched off in most browsers, but the users would have
to do that themselves - it's not something that the website can control.
Is there any reason that your MasterPage(s) can't also be in your site's
secure area...?
-- http://www.markrae.net
Yes, the (obvious) reason is... performance,
however I noticed that,
if someone navigates to e.g.: https://www.ultraedit.com/store/cust...me.php?cat=269
there are no warnings,
while,
if you go to page's source,
there are "http" links
"Mark Rae" wrote:
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:35**********************************@microsof t.com...
I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?
The warning can be switched off in most browsers, but the users would have
to do that themselves - it's not something that the website can control.
Is there any reason that your MasterPage(s) can't also be in your site's
secure area...?
--
http://www.markrae.net
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:65**********************************@microsof t.com...
Yes, the (obvious) reason is... performance,
Ahem...
however I noticed that,
if someone navigates to e.g.:
https://www.ultraedit.com/store/cust...me.php?cat=269
there are no warnings,
while,
if you go to page's source,
there are "http" links
Yes, that's right... If an https page has links to http resources, the
warning doesn't appear, but if an http page has links to https resources, it
does...
It's a security thing...
-- http://www.markrae.net
Yes, that's right... If an https page has links to http resources, the
warning doesn't appear, but if an http page has links to https resources, it
does...
It's a security thing...
The strange thing is that my page IS https (has http links however) and
still there are warnings!
The strange thing is that my page IS https (has http links however) and
still there are warnings!
It is the http links that are causing the warning. What the browser is
telling you is that although the page's HTML has been received over HTTPS
not everything on the page has been retrieved over HTTPS so not everything
on the page can be guaranteed as secure.
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:FC**********************************@microsof t.com...
>Yes, that's right... If an https page has links to http resources, the
warning doesn't appear, but if an http page has links to https resources,
it
does...
It's a security thing...
The strange thing is that my page IS https (has http links however) and
still there are warnings!
I must apologise - I got that completely the wrong way round...
If an http page has links to https resources, the warning doesn't appear,
but if an https page has links to http resources, it does...
-- http://www.markrae.net
so, what should I do,
convert all my links to https?
Then the problem would be,
in order to navigate to an external site (url),
if that isn't https,
the page would never open!
"Mark Rae" wrote:
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:FC**********************************@microsof t.com...
Yes, that's right... If an https page has links to http resources, the
warning doesn't appear, but if an http page has links to https resources,
it
does...
It's a security thing...
The strange thing is that my page IS https (has http links however) and
still there are warnings!
I must apologise - I got that completely the wrong way round...
If an http page has links to https resources, the warning doesn't appear,
but if an https page has links to http resources, it does...
--
http://www.markrae.net
"patrickdrd" <pa********@discussions.microsoft.comwrote in message
news:32**********************************@microsof t.com...
so, what should I do,
convert all my links to https?
Yes, if you want the warning to disappear...
Either that, or move all of the images etc into the same site and use
relative addressing...
-- http://www.markrae.net
In article <32**********************************@microsoft.co m>,
patrickdrd <pa********@discussions.microsoft.comwrites
>so, what should I do,
convert all my links to https?
Then the problem would be,
in order to navigate to an external site (url),
if that isn't https,
the page would never open!
I think you're confusing links with resources.
If you load a page under SSL, then any resources loaded by that secure
page, such as images, stylesheets, Javascript files, etc must all be
loaded under SSL to avoid having the warning.
However, you can have external links, ie <a href="http://www.blah.com/">
that point to non-SSL URLs as these are not loaded with the page.
So, you only need to check that anything actually loaded by your page is
under SSL. Any external links are irrelevant.
HTH
--
Alan Silver
(anything added below this line is nothing to do with me) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Charles A. Lackman |
last post by:
Hello, I have a web site that has a single page secured using SSL. This
page also has Flash Macromedia header on it, Does this cause a conflict?
When you visit the site it says, "This page...
|
by: Charles A. Lackman |
last post by:
Hello, I have a web site that has a single page secured using SSL. This
page also has Flash Macromedia header on it, Does this cause a conflict?
When you visit the site it says, "This page...
|
by: VB Programmer |
last post by:
I created an ASP.NET website and recently got a secure certificate.
Whenever I visit any of the pages IE says
"This page contains both secure and nonsecure items. Do you want to display
the...
|
by: marc.gibian |
last post by:
I am modifying an existing ASP.NET application to make it SSL
compatible. I have already searched the codebase and eliminated all
hardcoded "http" instances, replacing them with a method call that...
|
by: Just D. |
last post by:
All,
I'm having a WebApp working through a secure connection (https). One of my
pages is calling an external site to show the geographical map, this site is
not secure and it should be calling...
|
by: todd.freed |
last post by:
Hey all,
I have been racking my brain all morning to find a solution to this,
and I am having no luck. Our webpage is created with Visual Studio C#
and ASP.Net, hosted in-house using HTTPS with...
|
by: Mantorok |
last post by:
Hi all
This has been driving me nuts for months now, if I access my site from IE
https://db.cornwall.gov.uk/PlanningApplications and then hover over one of
the 2-level menus it comes up with the...
|
by: mikek12004 |
last post by:
I have recently put https on a page with certificate and everything but when I type https://.. in IE I get the message "this page contains both secure and nonsecure items" why? What is the nonsecure...
|
by: tomaz |
last post by:
Hi
I have a website with multiple included js-files, included css-files...
There is a virtual keyboard programmed (for touchscreen use)
the moment I click on the keyboard icon to open the...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
