How to avoid security warning in IE when landing an HTTPS page?

好久不见. 提交于 2019-12-05 20:41:25

Make sure you're delivering all content including external CSS, JS and images using https protocol. The warning should go away.

I haven't found any convenient tool for IE8 available out of the box to help to gather all paths that you're using. But you could try your page in Firefox with Firebug extension.

This particular warning is shown when the page has mixed content, i.e. some parts of the page are delivered over http. As @nailxx said, the solution is to make sure you deliver all your content over https.

The reasoning behind this warning is that the user sees the greed address bar for the page, because the main document is delivered over https. This sets certain expectations* about the security and privacy of the content exchange between the browser and the page. Any content delivered over http violates those expectations silently.

In particular, quite often the source of this warning is external content, especially third-party ads.

[*] one could argue that any such expectations are wrong and https overall gives the false impression of security, but that's outside of the current discussion :-)

After trying a number of different methods, our dev team found it easiest to force everything to https when trying to display mixed content. Part of that was our particular environment (3rd party code, load-balancing servers, SSO servers, etc.) but we never found a solution which was elegant and worked everywhere.

Sorry for the non-answer, but I figured knowing someone else investigated this issue might be nice.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!