- Worldstart's Tech Tips And Computer Help - http://www.worldstart.com -

Stopping Secure and Nonsecure Items Pop-up

Posted By Cory Buford On July 23, 2013 @ 3:08 PM In Security Help,Using The Internet,Windows Explorer | 1 Comment

Ben from Riverside, CA writes:

I have a Compaq desk-top with Wndows XP Professional. Every time I open a new window, I get a pop-up asking if I want to view a window that is from a secure or unsecure source. It is very annoying and I can not delete it. I tried all kinds of things but nothing helps.

Annoyed to the deepest pit of pits upon greeted with this? “This page contains both secure and nonsecure items. Do you want to display the nonsecure items?”

Uh-uh who doesn’t? When this warning plagues your SSL web page, this means that there is an error that occurs when some element on a secure web page (one that is loaded with https:// in the address bar) is not being loaded from a secure source. More often than not, it usually occurs with images, frames, iframes, Flash, and JavaScripts.

Now if you are having trouble finding what elements are loading from http instead of https, try WhyNoPadLock.com [1]. This simple tool tells you about any unsecured items on your SSL page. All you have to do in here is type in the full https secure URL into the box below and get a report about: One, insecure calls to images,css, and javascript. Two, images called insecurely from linked css and js files. And three, Expired cert, invalid or missing intermediate certificate (including 3rd party SSL certs.)

[2]

Super easy right? Once you have found the elements, it’s time for you to fix them. Here are a few ways to do so:

1. Change all URLs to https

Open the offending web page and search for http://. Change the references on all images, iframes, Flash, and Javascripts to https://. For example.

Note that this might not work if you are loading an image from another site that does not have an SSL (Secured Socket Layer) installed. With this method you will be loading SSL images even when the client is loading from a non-secure page. This will add extra processing load on the server and client. This is definitely not recommended for a high volume site.

2. Change all links to // or make them relative

Instead of all the links to https://, change them to just //

Alternately, if the images or scripts are located on the same domain, you can access them relatively, rather than absolutely:

Utilizing this method, you enable the browser to know that it must load the image securely if the web page is being loaded securely but it will also load the image normally if the page is not being accessed securely. The image will still need to be available on the other server securely. This is likely the best method of getting rid of the pesky “Do you want to display the nonsecure items?” warnings.

3. Change the browser settings

To get rid of the root of the problem, it is advisable to change the code of the page that gives the horror. However, if you don’t have access to change the code, you can always tell your personal web browser not to display that message.

For Internet Explorer, follow the steps below:

1. Go to Tools, Internet Options.

2. Select the “Security” tab and then click on the “Custom Level” button.

3. Scroll down until you see the option: “Display mixed content”. Select “Enable”.

4. Click Ok. Then you will get a “Security Warning” pop-up. Click Yes.

~ Cory Buford


Article printed from Worldstart's Tech Tips And Computer Help: http://www.worldstart.com

URL to article: http://www.worldstart.com/stopping-secure-and-nonsecure-items-pop-up/

URLs in this post:

[1] WhyNoPadLock.com: http://www.whynopadlock.com/

[2] Image: http://imgsrv.worldstart.net/images/ct-images/2013/07/pix2.png