File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes HTML, CSS and JavaScript and the fly likes secure nonsecure warning in IE Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Reply locked New topic
Author

secure nonsecure warning in IE

Tina Desai
Ranch Hand

Joined: Mar 13, 2003
Posts: 365
Can we get rid of the "This page contains both secure and nonsecure items" warning?

When I did some searching on google, I found that full paths [ http://....] especially for images referred from secure sites can cause these. We are using the relative paths only in our application. [../ or mostly /mydir...]

However, there are some links on the page which are anchors to some other site. Say this is the portal main site.. our application will be one part of it.

1. On one site I read that such anchor [<a href>] tags do not create such alerts. Is it true?
2. Also on one forum I read that it does not come because of the 'http://' occurences I have in the serverside [in web services/ namespace references etc]
3. I have AJAX for some other functionality. For IE we are initializing one activeX control for it. Can this be the cause?

Any hint will be a huge help!

Moderator: If this is not a proper forum, can you move this to the one which is right and can fetch me an answer? Thanks!

Regards,
Tina


Alongwith being a good coder, try to be a good professional as well!
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42648
    
  65
The issue is that some resources (CSS files, images, JavaScript) are loaded through HTTP, while others are loaded through HTTPS. If the page is loaded through HTTPS, then a single resource loaded via HTTP will trigger this warning. Make sure that you reference all resources either by relative paths, or explicitly through HTTPS if you use absolute paths.

Having HTTP links to other sites in a page will not trigger this warning (but it will trigger a different warning if you click on them.)


Ping & DNS - my free Android networking tools app
Tina Desai
Ranch Hand

Joined: Mar 13, 2003
Posts: 365
How can I find out what is making the problem? Which element? Now we know its because of the mixing of content. But when I do a view source of the page, I do not get anything in search of the html source that is 'http:'. How do I search/debug this?

Regards,
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42648
    
  65
You can check the log files of the web server to see which resources are accessed. Or use Firefox with the excellent LiveHttpHeaders extension, which logs all HTTP(S) requests and responses.
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

Originally posted by Tina Desai:
How can I find out what is making the problem? Which element? Now we know its because of the mixing of content. But when I do a view source of the page, I do not get anything in search of the html source that is 'http:'. How do I search/debug this?

Regards,


MSIE will also throw up that warning if the "href" or "src" attribute of an element (img, iframe, etc..) is blank.


Moving to the HTML/Javascript forum since this is a browser, not a server, issue.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61661
    
  67

Please do not cross-post the same question more than once or in multiple forums.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: secure nonsecure warning in IE