Secure And Insecure Items

Forum Moderators: open

Message Too Old, No Replies

Secure And Insecure Items

Is it possible to use ASP to make items secure?

Harpman

10:48 am on Nov 30, 2004 (gmt 0)

I'm working on a site which includes external content on every page, and has a secure page too.

On reaching the secure page, we get the all-too-familiar "page includes both secure and insecure items" with the "Display insecure items? Yes/No" box. The site owner feels this will turn people off.

Other than forcing the external content suppliers to have their own secure servers, is there any way to get round this in ASP?

I heard a theory that it can be done by binary reading the non-secure content in somehow, then sending it out securely to the Response object, but I've no idea how this would work.

Is there anyone who's solved this problem themselves and can give a pointer or two?

One last thing... ideally we'd love it if we could be including output from dynamic pages on the other servers too.

Is this possible, or should we be looking for compromises?

dotme

5:42 pm on Nov 30, 2004 (gmt 0)

Well, I've used the XML objects in ASP to pull data from other servers. Assuming that the third party providers are okay with this, it should work. But you'll have to work with them.

How the above works is that your webserver fetches that third party content, not the end user's browser. Your server then dynamically incorporates it into the SSL-enabled page, and sends the content to the browser.

I'm not sure if anyone else has a better idea. You could always not include the third part content on the SSL pages if it's not essential...

Sanenet

6:30 pm on Nov 30, 2004 (gmt 0)

This is a client side error, you can't fix it using ASP.

The problem is that you are mixing SSL elements with nonSSL - probably the images on the page. Go through the page, and ensure that all images and associated files referenced are in the secure https:// domain.