Summary: "Secure and nonsecure" items is most often the result of bad web page design. As a user it's difficult to avoid without lowering your guard.
|
Can I get rid of the "This page contains both secure and nonsecure items" warning? |
Not that I'm aware of, and not that I would want to. Not being notified is in fact a security risk when visiting sites you don't already know and trust. For the sites you do trust, the message results from bad site design on their part.
Update
Thank you to a few readers who posted a solution to avoiding the warning:
|
•
Related:
How do I stop constant runtime error messages in Internet Explorer? It's common to see runtime errors when visiting web sites in Internet Explorer. Unfortunately your options to deal with them are somewhat limited.
IExplore.exe has generated an error. Now what? IExplore.exe, aka Internet Explorer or 'IE', can crash but it's not always its fault. We'll look at some of the things that can cause IExplore.exe to crash, and steps you can take.
Article C1951 - May 27, 2004
"This page contains both secure and nonsecure items" THANK you! This worked EXACTLY as the article described. And it was immediate. I opened a tab and surfed to a site I use MANY times daily where I got that inane prompt. I did not get it after following the aritcle simple steps. ALL "fixes" should be this easy and this effective!
Posted by: Mike Blevins at August 13, 2008 4:16 PMAfter reading the comments, I realized what
was causing the problem. I am testing a new
page on a secure web site. But I left my
base anchor specification to point to a file on
my local "C" drive.
By changing my new page's HREF in the element to point back to the website I was able to eliminate the nagging messages.
I have references to both HTTP and HTTPS on my
Posted by: Just-a-guy at August 19, 2008 5:07 PMweb page, all going back to the original website.
It does not cause that nagging message. It probably (among other causes) occurs if the page has a reference is to some location outside of the website from which the origianl page comes.
I tried all of the client side settings for Internet Explorer in these articles and none of it worked. What did fix the problem was re-creating the user's profile on the machine. I realized this after logging myself into the workstation and let the user login to the sites that were getting the error and the error did not re-occur
Posted by: Wallace Woodard at December 30, 2008 7:48 AMI tried the readers' suggestion to change the 'mixed content' setting. It worked great! Thanks - this has been a nuisance with that annoying message on Amazon.
Posted by: D Hickman at March 9, 2009 8:44 PMI agree with the developer in that sometimes this is unavoidable and not necessarily bad design. This happens with google maps for me too.
To resolve in IE7 with google maps issue, I have added both the main site AND the "nonsecure" site to trusted zones, and set the option appropriately.
This means my trusted zones contains
https://mydomain/
http://maps.google.com/
This means unchecking the "sites in this zone require https" option.
Posted by: Simon at March 16, 2009 5:20 AMDoesn't work in IE 6.0.3790 - happens for me with a site that is in a Trusted zone, and for Trusted Sites, showing Mixed Content is already set to "Enable" (I checked). Need another theory.
Posted by: Tom at March 24, 2009 2:32 PMOk, I am receiving the same dreaded message however as we are affliated with the Government, our Internet Security settings have been disabled. Now I have checked all through the source code (HTML, CSS and Javascript files) and all references to items are either relative or if they are absolute, they are https://.....
Any suggestions? Please
Posted by: Ian Wright at June 16, 2009 9:19 PMYes, in Internet Explorer the security tab is blocked and I cannot change any settings. What am I to do next?
Posted by: Anneline at September 28, 2009 3:19 AMHi All,
Posted by: Vikram Reddy Tummala at October 30, 2009 8:17 AMI was able to get rid of the problem. Following are my comments or suggestions on this -
1. If at all you are including other jsp, js, images and css files, do not specify the full URL like "http:\\ ... ". Try giving the relative path / context path.
2. If you are using IFRAME, donot miss to specify SRC attribute or leaving it empty. Give some blank page url atleast or hide it in the page.
3. Changing the IE Settings to eliminate the alert does help, but this is not a correct solution. Client may come back and say he is not ready to do this. And more over what if the application is being used by 1000+ users. You cannot just shoot an email to all and because of these settings, they cannot view alerts from other secured sites too.
How can i make disable this messages by programming in VB.NET.
Posted by: Arunangshu Sarkar at November 20, 2009 11:05 AM