S
Stephen Davies
I am observing (via fiddler) a problem where "webresource.axd" files are
being deployed over http (port 80) hot https (443) even when the request is
https://xxx.xx.
IE6 doesn't seem to mind this and reports the page as secure (padlock
closed) but Firefox 1.5 on the other hand reports the page a partially secure
(padlock closed with red line through it).
Disabling Javascript on the Firefox Browser allows the page to become fully
secure (no red line in the padlock).
I have read several blogs on this and specifically Scott Gu's blog entry
http://weblogs.asp.net/scottgu/arch...s-with-debug_3D001D20_true_1D20_-enabled.aspx
and have performed his suggestion of setting Debug=false on the compilation
directive to no avail! Page is still showing as insecure in Firefox.
Fiddler shows me two webresource entries being downloaded on http rather
than https, is this normal?
Does anyone have any ideas on this, its bugging the hell out of me and my
client is moaning about the Firefox partially secure message on the secure
pages on the site including the login page.
BTW ASPNET validators are used on this page.
being deployed over http (port 80) hot https (443) even when the request is
https://xxx.xx.
IE6 doesn't seem to mind this and reports the page as secure (padlock
closed) but Firefox 1.5 on the other hand reports the page a partially secure
(padlock closed with red line through it).
Disabling Javascript on the Firefox Browser allows the page to become fully
secure (no red line in the padlock).
I have read several blogs on this and specifically Scott Gu's blog entry
http://weblogs.asp.net/scottgu/arch...s-with-debug_3D001D20_true_1D20_-enabled.aspx
and have performed his suggestion of setting Debug=false on the compilation
directive to no avail! Page is still showing as insecure in Firefox.
Fiddler shows me two webresource entries being downloaded on http rather
than https, is this normal?
Does anyone have any ideas on this, its bugging the hell out of me and my
client is moaning about the Firefox partially secure message on the secure
pages on the site including the login page.
BTW ASPNET validators are used on this page.