Secure and Non-Secure Items

Discussion in 'ASP .Net Security' started by Baiju, Feb 20, 2005.

  1. Baiju

    Baiju Guest

    Hello

    We have a .NET web application which runs on SSL. I am frequently getting
    messages like "This page contain both secure and non secure items. Do you
    want to continue ?" When I take pages containing datagird. Is there a way to
    disanle this message ?

    Thanks
    Baiju
     
    Baiju, Feb 20, 2005
    #1
    1. Advertising

  2. Baiju

    Geir Aamodt Guest

    Baiju,

    this is a standard warning message when you are display data from both
    secure
    sites and non-secure sites. The message can be disabled, but this must be
    done
    in the browser and on a per site basis.

    What does this mean? You'll have to do one or all of the following: recode
    your pages,
    redesign your site or rethink your security strategy


    --

    Best regards,
    Geir Aamodt
    geir.aamodt(AT)bekk.no

    "Baiju" <> wrote in message
    news:...
    > Hello
    >
    > We have a .NET web application which runs on SSL. I am frequently getting
    > messages like "This page contain both secure and non secure items. Do you
    > want to continue ?" When I take pages containing datagird. Is there a way
    > to
    > disanle this message ?
    >
    > Thanks
    > Baiju
    >
    >
     
    Geir Aamodt, Feb 21, 2005
    #2
    1. Advertising

  3. You can't disable the message on the client, but you can prevent it by
    ensuring that all your page content is loaded over HTTPS. The best way to
    find the offending content is usually to verify the rendered page HTML on
    the client. Here are a few things to check for:

    1. Any content loaded explicitly over HTTP. You can usually find this by
    searching for "http:" (without the quotes) in the HTML.

    2. Any frames, iframes, or images with a missing or empty src attribute.
    (e.g.: <iframe src="" ...).

    3. Any frames, iframes, or images with a src that specifies content that is
    not available on your site. (e.g.: <iframe src="about:blank" ...).



    "Baiju" <> wrote in message
    news:...
    > Hello
    >
    > We have a .NET web application which runs on SSL. I am frequently getting
    > messages like "This page contain both secure and non secure items. Do you
    > want to continue ?" When I take pages containing datagird. Is there a way
    > to
    > disanle this message ?
    >
    > Thanks
    > Baiju
    >
    >
     
    Nicole Calinoiu, Feb 21, 2005
    #3
  4. Baiju

    Baiju Guest

    Thanks Nikole

    I have some iframes with missing src attribute. I fixed the issue.

    -Baiju

    "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
    news:%23Aa%...
    > You can't disable the message on the client, but you can prevent it by
    > ensuring that all your page content is loaded over HTTPS. The best way to
    > find the offending content is usually to verify the rendered page HTML on
    > the client. Here are a few things to check for:
    >
    > 1. Any content loaded explicitly over HTTP. You can usually find this by
    > searching for "http:" (without the quotes) in the HTML.
    >
    > 2. Any frames, iframes, or images with a missing or empty src attribute.
    > (e.g.: <iframe src="" ...).
    >
    > 3. Any frames, iframes, or images with a src that specifies content that

    is
    > not available on your site. (e.g.: <iframe src="about:blank" ...).
    >
    >
    >
    > "Baiju" <> wrote in message
    > news:...
    > > Hello
    > >
    > > We have a .NET web application which runs on SSL. I am frequently

    getting
    > > messages like "This page contain both secure and non secure items. Do

    you
    > > want to continue ?" When I take pages containing datagird. Is there a

    way
    > > to
    > > disanle this message ?
    > >
    > > Thanks
    > > Baiju
    > >
    > >

    >
    >
     
    Baiju, Feb 23, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.M
    Replies:
    5
    Views:
    5,448
    Teemu Keiski
    Jun 8, 2004
  2. zdrakec
    Replies:
    1
    Views:
    438
    zdrakec
    Jul 25, 2005
  3. Joe
    Replies:
    5
    Views:
    962
    Steven Cheng[MSFT]
    Dec 13, 2005
  4. verbal kint
    Replies:
    1
    Views:
    552
    Sudsy
    Sep 4, 2004
  5. rb

    secure and non-secure pages

    rb, Dec 4, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    331
Loading...

Share This Page