Finding All Insecure Content on a Secure Page

Question

What\'s the most efficient way to find a list of all non-HTTPS URLs requested by an HTTPS page? If this kind of security violation happens, every browser alerts the user, but I

Answer 1

I just want to leave a note about what happened to me when this problem arose.

Suddenly my domain showed 'Mixed: Insecure Items'. I couldn't find the cause at all. The console was just showing an image was being requested: http://www.example.com/, Which I could not find any reference to anywhere.

I searched and searched and eventually found that in the Security Tab of Chrome, Where it was displaying 'Insecure Content' it said 'Show in Network Tab'. When I clicked that, It was showing me the bad URL, again, with no information apart from the Initiatior column. It was showing the image footer_bg.jpg.

Had someone injected code into my footer background image I wondered? Turns out no, I had inadvertently moved that image yesterday and forgot about it. So the page was requesting an image that wasn't there, returning an error. I fixed the link to the image and page loads securely again.

Just for anyone else that will possibly have this problem in the future.