Mixing secured (HTTPS) and non-secured (HTTP) content in the samepage

Discussion in 'Javascript' started by Daniel Frechette, Apr 10, 2006.

  1. Hi,

    Is it possible to have secured (SSL/HTTPS) and non-secured (HTTP)
    content in the same page without breaking the security? I am developing
    a secured reservation system in which the user can access Google Maps
    (not secured). The map is embedded in the page and does not open in a
    separate window.

    What solution do you recommend? Use iframes? If so, how?

    Thank you,

    Daniel
     
    Daniel Frechette, Apr 10, 2006
    #1
    1. Advertising

  2. Daniel Frechette

    James Black Guest

    Re: Mixing secured (HTTPS) and non-secured (HTTP) content in the same page

    If you have separate portal windows, one coming from http and the other
    from https, then security won't be a problem, as the https window will
    always be https.

    You just need to get the URL for each window to come from the
    appropriate URL.
     
    James Black, Apr 10, 2006
    #2
    1. Advertising

  3. Re: Mixing secured (HTTPS) and non-secured (HTTP) content in the same page

    Daniel Frechette wrote:

    > Is it possible to have secured (SSL/HTTPS) and non-secured (HTTP)
    > content in the same page without breaking the security?


    That depends on how you want to define security. Sure it is possible to
    mix resource retrieved via the encrypted and the unencrypted version of
    the protocol. Security is then compromised such that the connection
    for resources retrieved via unencrypted HTTP is unencrypted, while the
    connections for resources retrieved via HTTPS (HTTP over SSL/TLS) are
    encrypted.

    > I am developing a secured reservation system in which the user can access
    > Google Maps (not secured). The map is embedded in the page and does not
    > open in a separate window.
    >
    > What solution do you recommend? Use iframes? If so, how?


    You are off topic here. (It is irrelevant for your concerns that Google
    Maps uses XML HTTP requests triggered by client-side scripting.)


    PointedEars
     
    Thomas 'PointedEars' Lahn, Apr 10, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Don
    Replies:
    0
    Views:
    342
  2. batista
    Replies:
    1
    Views:
    932
    Laurent Bugnion
    Jan 26, 2006
  3. Replies:
    1
    Views:
    474
    Nicole Calinoiu
    May 15, 2006
  4. Yanesh Tyagi
    Replies:
    1
    Views:
    447
    santel
    Jun 19, 2006
  5. Dani

    Mixing HTTP and HTTPS?

    Dani, Aug 21, 2009, in forum: ASP .Net Security
    Replies:
    0
    Views:
    734
Loading...

Share This Page