Easy way to determine what content is not delivered using a secure HTTPS connection?

Question

I have some pages that are sent via HTTPS. Internet Explorer sometimes complains about \"This webpage contains content that will not be delivered using a secure HTTPS\".

<

Answer 1

I've used the following site before - I finding it easier than loading up firebug / fiddler.

http://www.whynopadlock.com/

Answer 2

Using following tools could help:

• Firefox's FireBug . opening tab Network shows you connection details to multiple resource
• Fiddler - acts as sniffer allows you explore details of connect.

Answer 3

In Google Chrome, similar to Firefox w/ FireBug, you can use the 'Network' tab of the Developer Tools console.

Open the Developers Tools console, go to the 'Network' tab, and reload the target page. Any warnings with the page, such as insecure content being loaded, will be indicated with the number of warning and an 'alert' icon in the bottom right corner (Chrome v23.x). Click on the icon and a list of the warnings, in this case, the resources being loaded insecurely, will be displayed.

Answer 4

You can use SslCheck

It's a free online tool that crawls a website recursively (following all internal links) and scans for unsecure content - images, scripts and CSS.

(disclaimer: I'm one of the developers)

Answer 5

I usually use Firefox + Firebug (the "Net" tab) to find the offending request. You could also use Fiddler for this. (with any browser)

Answer 6

You could fire up Fiddler to see what exactly IE is requesting over regular HTTP.

In Fiddler's default configuration, HTTPS requests will show up with a lock and CONNECT as the host. HTTP requests will have a non-lock icon.

_{(source: josh3736.net)}