By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,631 Members | 826 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,631 IT Pros & Developers. It's quick & easy.

Mixing secured (HTTPS) and non-secured (HTTP) content in the samepage

P: n/a
Hi,

Is it possible to have secured (SSL/HTTPS) and non-secured (HTTP)
content in the same page without breaking the security? I am developing
a secured reservation system in which the user can access Google Maps
(not secured). The map is embedded in the page and does not open in a
separate window.

What solution do you recommend? Use iframes? If so, how?

Thank you,

Daniel
Apr 10 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a
If you have separate portal windows, one coming from http and the other
from https, then security won't be a problem, as the https window will
always be https.

You just need to get the URL for each window to come from the
appropriate URL.

Apr 10 '06 #2

P: n/a
Daniel Frechette wrote:
Is it possible to have secured (SSL/HTTPS) and non-secured (HTTP)
content in the same page without breaking the security?
That depends on how you want to define security. Sure it is possible to
mix resource retrieved via the encrypted and the unencrypted version of
the protocol. Security is then compromised such that the connection
for resources retrieved via unencrypted HTTP is unencrypted, while the
connections for resources retrieved via HTTPS (HTTP over SSL/TLS) are
encrypted.
I am developing a secured reservation system in which the user can access
Google Maps (not secured). The map is embedded in the page and does not
open in a separate window.

What solution do you recommend? Use iframes? If so, how?


You are off topic here. (It is irrelevant for your concerns that Google
Maps uses XML HTTP requests triggered by client-side scripting.)
PointedEars
Apr 10 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.