Home »
Web
Summary: "Secure and nonsecure" items is most often the result of bad web page
design. As a user it's difficult to avoid without lowering your guard.
Can I get rid of the "This page contains both secure and nonsecure items" warning?
Not that I'm aware of, and not that I would want to.
Not being notified is in fact a security risk when visiting sites you don't
already know and trust. For the sites you do trust the message results from
bad site design on their part.
Update
Thank you to a few readers who posted a solution to avoiding the warning:
When you receive the error message, click Yes.
In Internet Explorer, go to Tools, Internet Options, click the Security tab; make sure that in "Select a zone..." window that Internet is selected.
Click Custom Level and scroll down about half way to "Display mixed content" in the Miscellaneous section.
Change it from Prompt to Enable.
Click OK, Yes, and OK. The change should take effect immediately.
|
•
Article 209 | Posted May 27, 2004
•
In the last few days I've suddenly been getting this message on lots of webpages I never had a problem with before, like the login page for yahoo e-mail. I hate to turn it off but it's drivingme nuts.
Posted by: jane at May 11, 2008 8:41 AMJane's comment (probably above mine), caught my eye because the same thing's been happening when I go to login at yahoo.
It's really annoying, and I thought it was just me. Apparently not!
Posted by: Kat at May 13, 2008 8:43 PMNice to know why it's happening now, though.
What I do not understand is how a site like Amazon.com can have both http:// and https:// links on a https:// page.
Posted by: Simple at May 23, 2008 8:01 AMWhen you go to their Sign In page you are brought to a secure page but the links surrounding the sign-in form are http:// can someone explain how this is done without that secure/unsecure items popup appearing? Thx.
I get this (I think) because of a Flash element that I have placed on the page. The codebase URLs are http; not sure yet if there is a secure site to DL these codebases.
Posted by: don at June 13, 2008 9:52 AMHi,
SOLVED?!?!
Long story short, to eliminate, as a user, that annoying 'secure or non-secured' popup make sure to ENABLE ALL four occurences of Display Mixed Content, i.e.: Internet, Local Intranet, Trusted Sites, Restricted Sites.
Worked like a charm.
Good luck.
JHH
Posted by: John Hoffmann at June 18, 2008 1:51 PMdoes anyone, anywhere have an answer to this very large problem? It drives potential customers away. It is because of Google Adsense. They don't have a solution either. They need to make sure ads on a secure sight are only from secure sites. I have an SSL certificate, and a privacy policy. I have contacted Microsoft, and even they don't have an answer.
Posted by: David at June 20, 2008 12:00 PMPlease sujjest me some other solution apart from what you have suggested.Please do it as soon as possible as i need this solution urgently.
Posted by: aamir at June 26, 2008 12:14 AMI'm not an expert on this, but basically, if you pages pull non http content such as an image or a script, that error message will pop up.
Basically, just ensure images don't have full paths such as (img src="http://somepath.gif"> and scripts aren't included such as .
Instead, replace all paths with relatives ones. This means they will adopt whichever http protocol currently in use. If, you have to specify a full path, try using https. However, keep in mind there will be advanced reason you will have to learn about why this may or may not work.
There may also be other nonsecure elements I'm not thinking on your pages that might cause the popup.
Best of luck.
Posted by: anonymous man at July 17, 2008 8:01 AM"This page contains both secure and nonsecure items" THANK you! This worked EXACTLY as the article described. And it was immediate. I opened a tab and surfed to a site I use MANY times daily where I got that inane prompt. I did not get it after following the aritcle simple steps. ALL "fixes" should be this easy and this effective!
Posted by: Mike Blevins at August 13, 2008 4:16 PMAfter reading the comments, I realized what
was causing the problem. I am testing a new
page on a secure web site. But I left my
base anchor specification to point to a file on
my local "C" drive.
By changing my new page's HREF in the element to point back to the website I was able to eliminate the nagging messages.
I have references to both HTTP and HTTPS on my
Posted by: Just-a-guy at August 19, 2008 5:07 PMweb page, all going back to the original website.
It does not cause that nagging message. It probably (among other causes) occurs if the page has a reference is to some location outside of the website from which the origianl page comes.