Menu
I have some pages that are sent via HTTPS. Internet Explorer sometimes complains about "This webpage contains content that will not be delivered using a secure HTTPS".
I looked in the html source to confirm all content calls (href, src, etc...) are sent via https. My CSS files use relative paths. But I'm still getting these warnings.
Is there an easy way to track down which items are not sent via HTTPS?
317
Fortunately, there are two quick checks to help you be certain: Look at the uniform resource locator (URL) of the website. A secure URL should begin with “https” rather than “http.” The “s” in “https” stands for secure, which indicates that the site is using a Secure Sockets Layer (SSL) Certificate.
If you really want to load http content in https, you can follow this method using a backend handler in charge of downloading and exposing the required content with self forged links including a hash. The security issue is then fixed and you get the content accessible through https.
The mixed content error occurs when both HTTP and HTTPS assets are being loaded from a web page that was requested to be fetched as HTTPS. The browser receives a secured page that includes insecure resources like videos, images, or scripts, and blocks this mixed content to protect its user.
You could fire up Fiddler to see what exactly IE is requesting over regular HTTP.
In Fiddler's default configuration, HTTPS requests will show up with a lock and CONNECT as the host. HTTP requests will have a non-lock icon.
(source: josh3736.net)
96
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
