How to avoid security warning in IE when landing a

2019-05-14 21:26发布

问题:

In IE 8, I am getting the below error message when trying to land on a https from a http page in an online store web portal.If i change the settings in my IE,It will not prompt the message.But since its a browser setting,we can ask each customers to do so . alt text http://img109.imageshack.us/img109/2406/securityj.jpg

Is there anything which we can do for not showing this message in IE. ?

回答1:

Make sure you're delivering all content including external CSS, JS and images using https protocol. The warning should go away.

I haven't found any convenient tool for IE8 available out of the box to help to gather all paths that you're using. But you could try your page in Firefox with Firebug extension.



回答2:

This particular warning is shown when the page has mixed content, i.e. some parts of the page are delivered over http. As @nailxx said, the solution is to make sure you deliver all your content over https.

The reasoning behind this warning is that the user sees the greed address bar for the page, because the main document is delivered over https. This sets certain expectations* about the security and privacy of the content exchange between the browser and the page. Any content delivered over http violates those expectations silently.

In particular, quite often the source of this warning is external content, especially third-party ads.

[*] one could argue that any such expectations are wrong and https overall gives the false impression of security, but that's outside of the current discussion :-)



回答3:

After trying a number of different methods, our dev team found it easiest to force everything to https when trying to display mixed content. Part of that was our particular environment (3rd party code, load-balancing servers, SSO servers, etc.) but we never found a solution which was elegant and worked everywhere.

Sorry for the non-answer, but I figured knowing someone else investigated this issue might be nice.