masterpages and secure and nonsecure items warning

G

Guest

Hi guys!

I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?

Thanks in advance!
 
M

Mark Rae

I use masterpages for my website,
the inside content is secured (https),
while the header and the footer master files are not,
so, can I get rid of the "This page contains both secure and nonsecure
items" warning?

The warning can be switched off in most browsers, but the users would have
to do that themselves - it's not something that the website can control.

Is there any reason that your MasterPage(s) can't also be in your site's
secure area...?
 
G

Guest

Yes, that's right... If an https page has links to http resources, the
warning doesn't appear, but if an http page has links to https resources, it
does...

It's a security thing...

The strange thing is that my page IS https (has http links however) and
still there are warnings!
 
A

Aidy

The strange thing is that my page IS https (has http links however) and
still there are warnings!

It is the http links that are causing the warning. What the browser is
telling you is that although the page's HTML has been received over HTTPS
not everything on the page has been retrieved over HTTPS so not everything
on the page can be guaranteed as secure.
 
M

Mark Rae

The strange thing is that my page IS https (has http links however) and
still there are warnings!

I must apologise - I got that completely the wrong way round...

If an http page has links to https resources, the warning doesn't appear,
but if an https page has links to http resources, it does...
 
G

Guest

so, what should I do,
convert all my links to https?

Then the problem would be,
in order to navigate to an external site (url),
if that isn't https,
the page would never open!
 
M

Mark Rae

so, what should I do,
convert all my links to https?

Yes, if you want the warning to disappear...

Either that, or move all of the images etc into the same site and use
relative addressing...
 
A

Alan Silver

so, what should I do,
convert all my links to https?

Then the problem would be,
in order to navigate to an external site (url),
if that isn't https,
the page would never open!

I think you're confusing links with resources.

If you load a page under SSL, then any resources loaded by that secure
page, such as images, stylesheets, Javascript files, etc must all be
loaded under SSL to avoid having the warning.

However, you can have external links, ie <a href="http://www.blah.com/">
that point to non-SSL URLs as these are not loaded with the page.

So, you only need to check that anything actually loaded by your page is
under SSL. Any external links are irrelevant.

HTH
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,733
Messages
2,569,440
Members
44,832
Latest member
GlennSmall

Latest Threads

Top