1. Home
  2. Forums Index
  3. Browser Side / HTML 10:38 pm May 1, 2026

Forum Moderators: open

Message Too Old, No Replies

Fixing the "not everything on the page is secure" message

         

jackvull

11:14 am on Dec 26, 2005 (gmt 0)

10+ Year Member



Hi
I am setting up a secure website but when I view in IE, I get the message "not everything on the page is secure. Would you like to download the unsecure objects?"
The page doesn't seem to look any different whether I click Yes/No so I'm wondering if there's an easy way to find out which of the objects on the page are insecure?

I've tried it in Firefox and nothing is reported.

Thanks

idolw

11:18 am on Dec 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



check if pictures location starts with 'https'

jackvull

11:29 am on Dec 26, 2005 (gmt 0)

10+ Year Member



I have uploaded a folder that contains all the images to the secure folder so the html is accessing these by img src='images/image.jpg'

Isn't this okay as it is accessing from within the secure site anyway?

idolw

12:07 pm on Dec 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



hmm, not sure.
have you tried inserting a full path of the picture and checking if it works?
we had similar problem when building our secure pages but fixed it using full URLs with https at the beginning.

henry0

12:49 pm on Dec 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



This is not valid unless you have by default below WWW
an ISP pre-set secure area such as secure HTML and secure CGI
if not use full path starting with HTTPS.

jackvull

1:27 pm on Dec 26, 2005 (gmt 0)

10+ Year Member



Thanks for the replies so far.
I have replaced all the image links with https but still bet the same problem.

There a re a fe links on the page, which direct the user back to the unsecure site via use of http://www.example.com/webopage.php

Is it okay to use those within the secure page? I assume so because otherwise there would be no way of redirecting the user.

My surprise is that Firefox doesn't mention anything about the security but IE does.

[edited by: encyclo at 5:56 pm (utc) on Dec. 26, 2005]
[edit reason] delinked URL [/edit]

john_k

2:17 pm on Dec 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I.E. doesn't care where the resources reside on the server. It only cares how they are being retrieved from the server. The message is displayed to you BEFORE the browser attempts to fetch the item from the server. So any settings on the file or the folder do not come into play in regard to this message.

One or more of your resources are being retrieved with a URL that starts with "http:". You can either remove that portion, or change it to "https:".

The easiest way is to remove the protocol (http/https) portion all together. When no protocol is indicated, the browser will use the same protocol as was used to load the html page.

When I say "resource", I mean it could be an image, javascript file, stylesheet, flash file, etc.

rocknbil

6:20 pm on Dec 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I have replaced all the image links with https but still bet the same problem.

Your first choice was correct - if you uploaded copies to the secure server and called them by images/filename.jpg, they will be secure - this is not the problem.

Any imported resource - style sheet, javascript, Flash, even the codebase for the download page in a flash object tag - will cause this. A BASE HREF will also do it. If you're using external sheets, etc., upload them also and call them relatively like you do your images.

For Flash, MM indeed has a secure download page so you **can** just change the codebase to https.:
codebase="https://macromedia.com/i_cant_remember_full_url..."

But it's most likely going to be something like this. The non-secure links you have on the page won't kick off the warning.

The nuts-and-bolts way to figure it out is by trial and error, eliminate portions of the page and keep re-uploading it until it goes away.

jackvull

7:45 pm on Dec 26, 2005 (gmt 0)

10+ Year Member



Tried the techniques above...thanks.
Surprisingly, the thing causing the problem is 1 or 2 iframes at the bottom of the page. The code I have for this is:

<iframe id = 'iframedownload' name = 'iframedownload' frameborder = '0' WIDTH=600 HEIGHT=100 border='0'>If you can see this, your browser doesn't understand IFRAME.Please download an updated browser e.g. Internet Explorer, Mozilla Firefox, or Opera.
</iframe>
<iframe id = 'errorsframe' style='display:none;' frameborder = '0' width=100 height=100 border='0'>If you can see this, your browser doesn't understand IFRAME.Please download an updated browser e.g. Internet Explorer, Mozilla Firefox, or Opera.
</iframe>

Any ideas why iframes would cause an issue?

john_k

8:49 pm on Dec 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You haven't defined a src attribute for the iframe. I don't recall if you can just add src="", or if you would need to create a simple text file with your message and set the source to that file.

jackvull

9:05 pm on Dec 26, 2005 (gmt 0)

10+ Year Member



Yes! Beatiful - thanks!

I added a blank text document to the secure folder and then added this to the src attribute of the iframe.

Works perfectly.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Browser Side / HTML 10:38 pm May 1, 2026