Can I get rid of the "This page contains both secure and nonsecure items" warning?

Home » Web

Summary: "Secure and nonsecure" items is most often the result of bad web page design. As a user it's difficult to avoid without lowering your guard.

Not that I'm aware of, and not that I would want to. Not being notified is in fact a security risk when visiting sites you don't already know and trust. For the sites you do trust the message results from bad site design on their part.

Update
Thank you to a few readers who posted a solution to avoiding the warning:

When you receive the error message, click Yes.
In Internet Explorer, go to Tools, Internet Options, click the Security tab; make sure that in "Select a zone..." window that Internet is selected.
Click Custom Level and scroll down about half way to "Display mixed content" in the Miscellaneous section.
Change it from Prompt to Enable.
Click OK, Yes, and OK. The change should take effect immediately.

•

Article 209 | Posted May 27, 2004

•

Recent Comments

0 Comments

In the last few days I've suddenly been getting this message on lots of webpages I never had a problem with before, like the login page for yahoo e-mail. I hate to turn it off but it's drivingme nuts.

Posted by: jane at May 11, 2008 8:41 AM

Jane's comment (probably above mine), caught my eye because the same thing's been happening when I go to login at yahoo.

It's really annoying, and I thought it was just me. Apparently not!
Nice to know why it's happening now, though.

Posted by: Kat at May 13, 2008 8:43 PM

What I do not understand is how a site like Amazon.com can have both http:// and https:// links on a https:// page.
When you go to their Sign In page you are brought to a secure page but the links surrounding the sign-in form are http:// can someone explain how this is done without that secure/unsecure items popup appearing? Thx.

Posted by: Simple at May 23, 2008 8:01 AM

I get this (I think) because of a Flash element that I have placed on the page. The codebase URLs are http; not sure yet if there is a secure site to DL these codebases.

Posted by: don at June 13, 2008 9:52 AM

Hi,

SOLVED?!?!

Long story short, to eliminate, as a user, that annoying 'secure or non-secured' popup make sure to ENABLE ALL four occurences of Display Mixed Content, i.e.: Internet, Local Intranet, Trusted Sites, Restricted Sites.

Worked like a charm.

Good luck.

JHH

Posted by: John Hoffmann at June 18, 2008 1:51 PM

does anyone, anywhere have an answer to this very large problem? It drives potential customers away. It is because of Google Adsense. They don't have a solution either. They need to make sure ads on a secure sight are only from secure sites. I have an SSL certificate, and a privacy policy. I have contacted Microsoft, and even they don't have an answer.

Posted by: David at June 20, 2008 12:00 PM

Please sujjest me some other solution apart from what you have suggested.Please do it as soon as possible as i need this solution urgently.

Posted by: aamir at June 26, 2008 12:14 AM

I'm not an expert on this, but basically, if you pages pull non http content such as an image or a script, that error message will pop up.

Basically, just ensure images don't have full paths such as (img src="http://somepath.gif"> and scripts aren't included such as .

Instead, replace all paths with relatives ones. This means they will adopt whichever http protocol currently in use. If, you have to specify a full path, try using https. However, keep in mind there will be advanced reason you will have to learn about why this may or may not work.

There may also be other nonsecure elements I'm not thinking on your pages that might cause the popup.

Best of luck.

Posted by: anonymous man at July 17, 2008 8:01 AM

"This page contains both secure and nonsecure items" THANK you! This worked EXACTLY as the article described. And it was immediate. I opened a tab and surfed to a site I use MANY times daily where I got that inane prompt. I did not get it after following the aritcle simple steps. ALL "fixes" should be this easy and this effective!

Posted by: Mike Blevins at August 13, 2008 4:16 PM

After reading the comments, I realized what
was causing the problem. I am testing a new
page on a secure web site. But I left my
base anchor specification to point to a file on
my local "C" drive.

By changing my new page's HREF in the element to point back to the website I was able to eliminate the nagging messages.

I have references to both HTTP and HTTPS on my
web page, all going back to the original website.
It does not cause that nagging message. It probably (among other causes) occurs if the page has a reference is to some location outside of the website from which the origianl page comes.

Posted by: Just-a-guy at August 19, 2008 5:07 PM

Post a comment on "Can I get rid of the "This page contains both secure and nonsecure items" warning?":

Name: (Required)

Email Address: (Required)

(Email Address will not be published.)

Remember Me? YesNo

By popular demand...
my tip jar

Buy Leo a Latte!

Comments: (you may use HTML tags for style)

New!

Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.

I can't respond to every comment. And I can't vouch for the accuracy of others who do.
Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...