This page contains both secure and nonsecure items
Sometimes creating a secure page is easy – you just change the http to https and you’re done. On other times you open the page in Internet Explorer and it starts complaining about unsecure items on the page. It’s annoying because many users get scared away thinking something wrong is going on. Or it’s just annoying since you don’t want to click ok every time you load a page.
To remove this alert follow these simple rules. After you do something reload. If there’s no more alerts you succeeded. Otherwise go on. If you get in a jam leave a comment and I’ll try to find one and add a rule.
- Change all about:blank links (yep, these are unsecure) to a blank file that exists and is a https:// link.
- Install Fiddler and check if there are any hidden requests to http:// (it won’t show https:// requests with the default setting). Change them to https://
- Check if any iframes have # for src or the src is left blank. Change them to something that is a https:// link and exists. Looks like # is actually an alias to about:blank.
- Find any resources that return an error (404, 500). This one is tricky since it’s not really easy to set up an SSL proxy. Try checking the server’s access logs.
The trick behind these is that any data that comes from an unsecure source triggers the alert. Unsecure data might come from a http:// link OR a built in page. Built in pages are for example about:blank. BUT what you wouldn’t expect is that also Explorer’s built in error pages are unsecure. So if you get a 500 or 404 error and Explorer decides to display its internal error message you will get an alert.
This might not be all but I think it should be enough.
jilbabs and abayas
thank you so much for this!!! very helpful :-)
I need your help, in my one site i have to integrate SSL & i remove all absolute path & http:// path from my site but there is some external links are there which is creates problem to me & those links are not working with https://… so what i have to do?
Please help me, thanks in advance…
Links are not a problem, resources are. Any http resources as well as any empty resources are insecure. If that doesn’t work remove code part-by-part to find out what triggers the nonsecure message…
Can you help me & give me proper solution i m stuck up in this task.
I find out the issue it is because of some images & js are coming from other site, now in ssl page it is create problem & i m also not able to give https:// link to those images path bcoz those sites are not ssl enabled.
And also not able to download images & js from those sites give our sites path because they dont allow it.
So what to do, please help me.
In my site there one external css & js which is creates problem for me in HTTPS, and i can’t remove that because it is important, and also not able to download and set it up on my site…
They are also not provide css & js with https code…
So what to do? Please give me solution…
If you can’t move that content into an iframe then you can’t do a thing…