Hello Samuel,

We are running ASPPlayground over an SSL for our companies private Extranet. What we have been experiencing is the following message as users drill through the forum:

This page contains both secure and nonsecure items. Do you want to display the nonsecure items?

If you select Yes then the padlock is removed, if you select No then the padlock stays. The forum appears to continue in either case. The problem occurs in that users have to select Yes or No each time a page comes up with this problem. Is there a way that you know of in preventing this type of message pop-up window from happening.

Thanks

js

IE seems to find iframe insecure. It is a known problem but currently I do not have a solution for it.

Note: this is not a security problem at all. It is IE' s behavior.

ASPPlayground.net Developer

After a quick search on google, I found a possible solution:

in tt.asp and m.asp:

Look for the iframe code at the bottom of both pages, and add a src attribute so that they read:

<iframe name=" bufferFrame" style=" display:none;" src=" blank.html" ></iframe>

and then create a page called blank.html in the forum' s root directory. You do not have to put anything in blank.html.

Please try it and see if it fixes the problem.

ASPPlayground.net Developer

Hi Samuel,

This worked like a charm, no more pop-up. Thanks very much for your help.

js

Thank you for your report too!

I will release a new patch containing this and the Opera 7 compatibility update.

Thanks

ASPPlayground.net Developer

Hi Samuel!
I also solved my problem using this logic. Thanks.

Vijay .r

Hi,

I'm facing the same Security Alert Problem when i invoke my asp page from an aspx,what should be the issue ,can anyone help in this.

Vanitha

Are you saying you are "invoking" the forum from an ASPX application? What do you mean by invoking??

ASPPlayground.net Developer

I came across another broblem...if you have hotlinks from your https site to 'unsecure' http site
(mine is something like this:)
Someones ICQ Status: <img onerror="this.src='images/icq_offline.gif';" src="http://web.icq.com/whitepages/online?icq=123456789&img=5">

with http rather than https address...

you will get the same message popping out i'm still looking for a solution to fix this...if anyone has any ideas please share

the only way - disallow someone to post http pics on an https site.

What goes around, comes around..

<iframe name=" bufferFrame" style=" display:none;" src=" blank.html" ></iframe>

my first page on my site is my index page which has frames in it , and i have discovered that thats where the problem is (frames). so where do i put ur piece of code??

I am not sure what you are referring to. We are talking about iframe here, not regular frames.

ASPPlayground.net Developer

Samuel,
 
With Content Advisor turned off on my browser, I'm encountering the old problem often discussed in this forum of the pop-up message "This page contains both secure and nonsecure items" on an SSL site, yet I see no cause of it. It happens here: https://www.ohio-academy-of-audiology.org/forum/tm.asp?m=1 Viewing the source yields no occurrence of "http" without the "s". Or are there some links hidden in the javascript routines that are called?
 
Lee

it is the iframe used in "fast reply" (WYSIWYG editor) that causes IE to respond this way.

ASPPlayground.net Developer

Why? In what file is the code? And what can I do about it?
 
Lee