Comments for

Comment from Arunangshu Sarkar on 2009-11-20

2009-11-20T19:05:29Z

How can i make disable this messages by programming in VB.NET.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Vikram Reddy Tummala on 2009-10-30

2009-10-30T15:17:10Z

Hi All,
I was able to get rid of the problem. Following are my comments or suggestions on this -
1. If at all you are including other jsp, js, images and css files, do not specify the full URL like "http:\\ ... ". Try giving the relative path / context path.
2. If you are using IFRAME, donot miss to specify SRC attribute or leaving it empty. Give some blank page url atleast or hide it in the page.
3. Changing the IE Settings to eliminate the alert does help, but this is not a correct solution. Client may come back and say he is not ready to do this. And more over what if the application is being used by 1000+ users. You cannot just shoot an email to all and because of these settings, they cannot view alerts from other secured sites too.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Anneline on 2009-09-28

2009-09-28T10:19:26Z

Yes, in Internet Explorer the security tab is blocked and I cannot change any settings. What am I to do next?

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Ian Wright on 2009-06-16

2009-06-17T04:19:27Z

Ok, I am receiving the same dreaded message however as we are affliated with the Government, our Internet Security settings have been disabled. Now I have checked all through the source code (HTML, CSS and Javascript files) and all references to items are either relative or if they are absolute, they are https://.....

Any suggestions? Please

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Tom on 2009-03-24

2009-03-24T21:32:49Z

Doesn't work in IE 6.0.3790 - happens for me with a site that is in a Trusted zone, and for Trusted Sites, showing Mixed Content is already set to "Enable" (I checked). Need another theory.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Simon on 2009-03-16

2009-03-16T12:20:46Z

I agree with the developer in that sometimes this is unavoidable and not necessarily bad design. This happens with google maps for me too.

To resolve in IE7 with google maps issue, I have added both the main site AND the "nonsecure" site to trusted zones, and set the option appropriately.

This means my trusted zones contains

https://mydomain/
http://maps.google.com/

This means unchecking the "sites in this zone require https" option.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from D Hickman on 2009-03-09

2009-03-10T03:44:06Z

I tried the readers' suggestion to change the 'mixed content' setting. It worked great! Thanks - this has been a nuisance with that annoying message on Amazon.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Wallace Woodard on 2008-12-30

2008-12-30T15:48:45Z

I tried all of the client side settings for Internet Explorer in these articles and none of it worked. What did fix the problem was re-creating the user's profile on the machine. I realized this after logging myself into the workstation and let the user login to the sites that were getting the error and the error did not re-occur

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Just-a-guy on 2008-08-19

2008-08-20T00:07:45Z

After reading the comments, I realized what
was causing the problem. I am testing a new
page on a secure web site. But I left my
base anchor specification to point to a file on
my local "C" drive.

By changing my new page's HREF in the element to point back to the website I was able to eliminate the nagging messages.

I have references to both HTTP and HTTPS on my
web page, all going back to the original website.
It does not cause that nagging message. It probably (among other causes) occurs if the page has a reference is to some location outside of the website from which the origianl page comes.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Mike Blevins on 2008-08-13

2008-08-13T23:16:38Z

"This page contains both secure and nonsecure items" THANK you! This worked EXACTLY as the article described. And it was immediate. I opened a tab and surfed to a site I use MANY times daily where I got that inane prompt. I did not get it after following the aritcle simple steps. ALL "fixes" should be this easy and this effective!

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from anonymous man on 2008-07-17

2008-07-17T15:01:57Z

I'm not an expert on this, but basically, if you pages pull non http content such as an image or a script, that error message will pop up.

Basically, just ensure images don't have full paths such as (img src="http://somepath.gif"> and scripts aren't included such as .

Instead, replace all paths with relatives ones. This means they will adopt whichever http protocol currently in use. If, you have to specify a full path, try using https. However, keep in mind there will be advanced reason you will have to learn about why this may or may not work.

There may also be other nonsecure elements I'm not thinking on your pages that might cause the popup.

Best of luck.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from John Hoffmann on 2008-06-18

2008-06-18T20:51:58Z

Hi,

SOLVED?!?!

Long story short, to eliminate, as a user, that annoying 'secure or non-secured' popup make sure to ENABLE ALL four occurences of Display Mixed Content, i.e.: Internet, Local Intranet, Trusted Sites, Restricted Sites.

Worked like a charm.

Good luck.

JHH

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from don on 2008-06-13

2008-06-13T16:52:32Z

I get this (I think) because of a Flash element that I have placed on the page. The codebase URLs are http; not sure yet if there is a secure site to DL these codebases.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Simple on 2008-05-23

2008-05-23T15:01:21Z

What I do not understand is how a site like Amazon.com can have both http:// and https:// links on a https:// page.
When you go to their Sign In page you are brought to a secure page but the links surrounding the sign-in form are http:// can someone explain how this is done without that secure/unsecure items popup appearing? Thx.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Kat on 2008-05-13

2008-05-14T03:43:15Z

Jane's comment (probably above mine), caught my eye because the same thing's been happening when I go to login at yahoo.

It's really annoying, and I thought it was just me. Apparently not!
Nice to know why it's happening now, though.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from KC on 2008-03-08

2008-03-08T22:48:16Z

Hi,

I have experienced a security pop up on my website, each time I open a new page. Our site is over 1300 pages in size, this has caused some active members to vanish. What could I do to get rid of the SSL security error altogether, without having to ask each member to reconfigure their browser settings?

I read somewhere about the https:// verses using http:// I am very new to this sort of thing. I would like a very secure website, although can there be such a thing as too secure?

Thanks
If you don't respond, its okay.
If you can check out my website, I would pay, LOL. I'm really getting frustrated with this. Its one stop write shop. I will add a link there for your business when our resource page is up and running, too. If you don't mind, thank you.

PS. I read the rules, so if you cannot keep my comment up, its okay. Just needing some help with this issue before I go bazerk. href="http://www.onestopwriteshop.com">http://www.onestopwriteshop.com

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from AjaxTrend on 2008-02-28

2008-02-28T20:38:44Z

How can I know which elements causes such warning. I have analyzed all elements in my page, and all elements in the page are access over https but still I get secured and nonsecure warning in IE6. I would appreciate if you can tell me some tool to analyze pages.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Tralfaz on 2007-09-14

2007-09-14T19:22:03Z

Why not just select Disable? This is the setting I use and I have not noticed any problems. You can always change it back to enable if content is not displayed.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Scott on 2007-08-30

2007-08-31T05:32:22Z

In the "Select a zone..." window select Internet and Trusted (Local if you wish). If you only select Internet, then sites you add to your Trusted list will still warn you that it is a security risk.

Me: Internet Explorer, I trust website [whatever].

Internet Explorer: OK. Hey this "trusted" site has mixed content, are you sure you want to display it?

Me: ...

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from cresh on 2007-07-19

2007-07-19T17:16:03Z

Worked like a dream, Downhill, thanks.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from timo on 2007-07-16

2007-07-16T07:17:05Z

great help, thank you downhill!

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Tomas on 2007-06-18

2007-06-18T12:17:25Z

Thank you downhill. Now I'll need double times less clicks.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from tfcc01 on 2007-06-07

2007-06-07T07:38:29Z

Downhill - you are a star. Thanks mate. Worked perfectly.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Adam on 2007-05-27

2007-05-27T18:00:50Z

This happens if you use secure google, https://mail.google.com/ but if you search the page, there are no "http://" connections present....so as someone pointed out, they must be linking to an "unsecure" image within one of their .js or .css files...

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from downhill on 2007-04-26

2007-04-26T14:47:29Z

The solution our company has entered into its FAQ is as follows --

CAUSE: The page you are attempting to view is a secured site (note the https in the URL prefix) but it contains unsecured data.

SOLUTION:
1. When you receive the error message, click Yes.
2. In Internet Explorer, go to Tools, Internet Options, Security tab; make sure that in Select a Web content zone... that Internet is selected.
3. Click Custom Level and scroll down about half way to Display mixed content in the Miscellaneous section.
4. Change it from Prompt to Enable.
5. Click OK, Yes, OK. The change should take effect immediately.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Ken on 2007-03-07

2007-03-07T19:58:07Z

Hi. Be sure to check your external stylesheets for non-secure references to images.

For example, we were using a stylesheet (with a https page) that loaded http://www.csun.edu/images/arrow.gif as a separator in a list. Changing that to ../images/arrow.gif made the annoying message go away in IE.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Greg on 2007-02-23

2007-02-23T19:35:49Z

Thanks Davido! Worked beautifully on the Google Sitemaps. Every page would bring up the prompt and was very annoying.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from John Duke on 2006-11-08

2006-11-09T03:55:11Z

There is a really cool fix for this at http://www.htaccesselite.com/htaccess/fix-for-warning-page-contains-secure-and-nonsecure-items-vt129.html

Basically you can use mod_rewrite in an htaccess file to internally redirect https:// to http:// so that you can post https://x.com/image.gif to eliminate the warning message, but the server will internally request http://x.com/image.gif instead!

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from servo lotis on 2006-09-21

2006-09-21T16:08:20Z

you can find a great guide here: http://www.wallpaperama.com/forums/windows-disable-this-page-contains-both-secure-and-nonsecure-items-t274.html

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Dooshkin on 2006-06-12

2006-06-12T14:31:12Z

Not sure if it's relevant. But my site was giving this error, until i'd made my 'include' folder run under SSL, as well as my main folder.
So, check the code insecure links, and then double check all folders in the website are using ssl.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Mark Bennett on 2006-06-01

2006-06-02T02:16:54Z

Easiest way is the following:

1. In your web browser go to Tools.
2. Select Internet Options from the drop down menu.
3. Click on the Security tab.
4. Click on the Web content zone you use to access the Site.
5. Click Custom level.
6. Scroll down to find the heading Miscellaneous.
7. Find the sub-heading Display Mixed Content.
8. Click Enable.
9. Click OK.
10. In response to ‘Are you sure you want to change the security settings for this zone?’ click Yes.
11. Click OK to close the Internet Options box.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Davido on 2006-05-18

2006-05-18T15:11:22Z

"Tools" > "Internet Options". Select the "Content" tab. Click the "Disable" button under "Content Advisor".

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from caro on 2006-04-18

2006-04-18T08:54:36Z

Sorry : between the "" :
xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Caro on 2006-04-18

2006-04-18T08:52:20Z

oh, made mistake...
I use XSL to Transform XML into HTML. In my xsl stylesheet, I have : ""
I can't take off this line, so I'm not sure this is the reason... oh oh i'm lost...

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from caro on 2006-04-18

2006-04-18T08:37:09Z

Hi Everyone !

Same problem... I use Javascript to change the Iframe URL :
Iframe.src = url; The url I get is for example : "index.php5?this=that". This is relative. Is it secure or not ? Can the problem come from this?
Please...
THX !

Caro

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Slonick on 2006-04-06

2006-04-06T12:52:29Z

Just add src="javascript:'';"

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Nakul on 2006-03-19

2006-03-20T06:30:35Z

Marcio,

I am facing similar problem, I have checked the IFRAME tag and its pointing to the correct SRC path. can you pls tell me what else or which other part of HTML is causing this error?

how can i get rid of those errors? And most important - I dont want to change any settings of my IE.

Thanks,
Nakul

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Billy on 2006-02-23

2006-02-23T16:32:25Z

Frankly, this is a stupid warning. It scares users for no reason. There is nothing wrong with having secure and unsecure content on your page. The problem is when your url in the address bar is secure but the form your submitting is unsecure. That's when the warning should be displayed.

There is a very seldom chance that you need to secure images on you page. I.e. Why would you ever need to secure your logo? It doesn't make sense. There is no need to encrypt images, stylesheets, javascript.

Using ssl only encrypts your content as it's passing through the network. The reason why you would encrypt your content is because you don't want people to see it if they're sniffing. Yes, they won't see the content with their packet sniffer, however, that is not good enough. They can just take the url and paste it in the browser. In order for your content to be truely secure you need to develop some authentication system around it. So that if someone tries to access your content such as an image it will prompt them for authentication. Putting authentication on every image on your page is "stupid" unless every image has critical information.

This Internet Explorer feature vexes me.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from bob on 2006-02-14

2006-02-14T21:24:42Z

Thanks, Marcio. Not having a src was my problem. I added "blank.html" (nothing in the file except beginning and ending html tags) to the same folder as the file (so that it is within the secure site) and assigned the src attribute to it. Problem resolved!

Thanks also to Leo for the good site and solution.

Bob

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Leo on 2006-02-08

2006-02-08T19:19:15Z

You'll probably need to reinstall Microsoft Office to get Microsoft Word back.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Rag on 2006-02-08

2006-02-08T19:15:17Z

hey leo,
i have lost the microsoft word on my computer there is no sign of it how can i get it and i dont have the windows xp cd im in real trouble i need the word but i cant get it so plz can u help me.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Marcio Lima on 2006-01-10

2006-01-10T20:25:21Z

Hi everybody..

I was facing the same problem mencioned above.

It was caused by an IFRAME I put on my page to have a DIV over a SELECT box. The problem was that my IFRAME didn't have a secure SRC target (actually, it was left blank ;p), so it is treated as a "nonsecure item".

I just could get free from that boring message by adding a SRC URL to the IFRAME.

I hope, it'll be useful!

Marcio Lima
[Email Address Removed]

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Matthew on 2006-01-09

2006-01-09T17:37:11Z

Hi Leo,

I am a site developer. There are good reasons why there may be a mix of secure and unsecure elements within a page. For example, within a secure part of a site i developed, i have references to google maps, who - as far as i'm aware - do not offer a secure equivalent to their service (and even if they do, other services don't, so the argument prevails).

Even if you implement the the "brute force" method of segregating all secure information from insecure information (which may not make sense to the user), and then designating every page (of hundreds of pages) as secure or unsecure, you may still have users receive the "you are entering/leaving a secure page" type of message. If there is a not-"bad site design" that can get around this issue, i'm not aware of it.

And besides, users are already trusting me to properly handle their secure information. There are much easier ways for me to abuse that trust then to explicitly put links to unsecure services in my pages. This message is just a nuisance.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Rob Macarthur on 2005-11-30

2005-11-30T16:19:22Z

I just set the "Display Mixed Content" to enabled for all zones : Internet, Intranet, Trusted and Restricted sites and the warning has gone.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Pat Gard on 2005-09-26

2005-09-26T17:49:47Z

Microsoft says this is a known issue and has issued a hotfix for it (I don't know if it works and it also requires some registry tweaking), but its only good for Windows XP, 2000, etc, and does not apply to Windows ME and before. Guess which OS I have.
I have enabled all the above mentioned and even enabled them in all the other zones and it still comes back.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Gaurav Nanda on 2005-09-19

2005-09-19T19:49:43Z

To stop getting this message, do the following :
1) Open the browser
2) Go to Tools->Internet Options
3) Click on the security tab.
4) Click on Custom Level
5) In this list, Look for " Display Mixed Content" and click on enable
6) Then look for "Launching programs and files in an IFRAME' and click on enable.
7) Click on OK and then OK again
8) Close all Internet explorer windows

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Paul on 2005-08-29

2005-08-29T08:02:23Z

The problem is generally caused by an iframe on the page. iframes are used under popups to ensure that dropdowns don't paint over the popup (another IE bug).

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from John on 2005-08-23

2005-08-23T22:45:41Z

Leo, I found the answer. I discovered that, on the Security tab in Internet Options, I had to make this configuration under "Restricted Sites" also, not just under "Internet" or "Trusted Sites." The problem occurred at games.com where I play Monopoly. I like your site. Very nice that one doesn't have to sign up or login to comment. Thank you very much.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from John on 2005-08-23

2005-08-23T14:59:48Z

My problem is that I keep getting the "This page contains both secure and nonsecure items" warning even though "Enable" IS checked in the "Miscellaneous" section of the Security tab of Internet Options. Can anyone tell me what further step I must take to get rid of the nuisance warning?

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from leigh on 2005-07-11

2005-07-11T15:08:51Z

for developers:

from a secure site .i.e https:// - where you reference the codebase for macromedia change the codebase="http://download.macromedia.com/pub/shockwave...... to codebase="https://download.macromedia.com/pub/shockwave..... and this will sort the problem out

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Leo on 2005-04-19

2005-04-20T01:16:50Z

Basically everything needs to be https ... something isn't. You might try firing up Firefox, and using the Web Developer extension ... it allows you to look at various bits of information including the paths of objects on the page.

Good luck!

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from DavidL on 2005-04-19

2005-04-19T22:30:54Z

That's all well and good, but as a developer, how can I tell which things are being picked up as non-secure so that I can correct the issue? I'm going over code from a previous developer and for the life of me I can't see any references to anything outside of our secure domain.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from David on 2005-04-13

2005-04-13T10:26:24Z

1. Go to the top of your browser and click on Tools and select Internet Options.
2. Click on the Security tab
3. Click on the Custom Level button at the bottom
4. In that top box, scroll down to the Miscellaneous section (look for the Internet Explorer icons next to the topics) and find where it says "Display Mixed Content"
5. Click the Enable bubble to select that option
Disable--you will not see the message anymore, nor will the nonsecure items be displayed
Enable--you will not receive the message anymore, and the nonsecure items will be displayed on the page
Prompt--you will receive the message everytime a website has both secure and nonsecure items on it (this is the current setting in the browser that causes you to receive the message every time).
6. Once you have selected Enable, click on the OK button to close that window, and then click OK again to close the other window.
7. You may need to close your browser and then reopen it to see the changes take effect

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Nikolay on 2004-11-15

2004-11-15T10:43:49Z

I had the same problem. It was caused by a missing src attribute in the IFRAME tag. When you set the src, make sure it points to a real file.

Hope this seves somebody's time :)

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Leo on 2004-10-08

2004-10-09T01:48:19Z

The typical design mistake is to pick up a graphic from a non-secure site. All graphics and other components need to come from the secure site.

Example: say http://example.com has a logo example.png. The secure site, https://store.example.com wants to use the same logo, and hence has an IMG tag that references http://example.com/example.png. Bingo ... non secure item on a secure site. Copy the logo to the secure site and load it from there.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Amy on 2004-10-07

2004-10-07T17:39:51Z

Hi,
On this issue, I am working on the development side of a website and I get this error very often on that website. I know it must be related to the bad design on the website. Could some tell me how to fix it? Your help is very much appreciated.
Amy.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Rees on 2004-09-20

2004-09-21T02:06:11Z

Great question! I am using a site that hasn't been set up properly, and I get that annoying security message often!

I am posting the solution to the issue here. I always support giving people all the info there is, and just warn then that they are subverting a security option. Then the user can make their own decision.

There is a browser setting in IE6 to turn this off (not sure of earlier browsers). Check out Tools > Internet Options > Security > Custom Level > Miscellaneous > Display mixed content. By default its set to prompt, reset it to Enable.

Of course, there are other browsers out there .. Netscape (netscape.com) or Opera (opera.com) to name the two other most popular ones.

Peace,
Rees

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Leo on 2004-05-30

2004-05-30T23:23:26Z

Greg: if you're reading your email via a web interface, then my comment still applies. Your Earthlink web interface appears to be showing both secure and nonsecure items at the same time. That's bad design on their part.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Greg Pilcher on 2004-05-27

2004-05-28T05:41:00Z

I apoligize, My question was not clear enough for you to give me the answer I needed. I may have forgotten to mention that this notice isnt when I surf, but when I am answering emails online. It is when I op;en the email in the webmail box at Earthlink, always the message opens up a new window, then that window always asks the same question:

Can I get rid of the "This page contains both secure and nonsecure items" warning? Not that I'm aware of, and not that I would want to. Not being notified is, in fact, a security risk when visiting sites you don't already know and trust. For the sites you do trust ... the message results from bad site design on their part.

Thank you very much for taking the time to answer. I just used Netscape Mail today, and I noticed that it is not giving me that message there. Thank you again.

]]>

A comment on:

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.