Menu
Do browsers throw security errors when "https://sub.example.com" is embedded in an iFrame inside "https://www.example.com"?
If not, are there any restrictions? Do they need to be using the same SSL certificate (wildcard)?
369
No, HTTPS content from many separate sources (via images, iframes, scripts etc) may comprise a single page whilst keeping the ‘secure’ UI, as long as all resources independently pass certificate validation. Doesn't have to be the same hostname, same domain, same certificate or same CA.
146
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
