How to eliminate Mixed content security warning on your web pages

Security mixed content warning
You should have been pretty familiar with the above prompt of your web browser, especially Internet Explorer, if you’ve been involved in developing web pages for your websites that are delivered via the HTTPS secure channel.

The prompt is a mixed content security warning, which was resulted due to your webpages having images, javascripts, flash contents etc where the sources (src) are having absolute hyperlinks which the protocol starts with http instead of https. So when the user enters a webpage delivered under the https protocol, the web browser will prompt of mixed content security warning.

To get rid of the ugly prompt, what a web developer can do is to use protocol relative URL i.e //example.com only instead of http://example.com or https://example.com. With the protocol relative URL, when a user enters a secure page e.g https://example.com/p1.html , all other contents URLs will be relative to the protocol e.g. https://example.com/image.jpg. And when the user enters a http web page, the image source URL will follow automatically and become http://example.com/image.jpg.

But of course, if your image comes from an external website e.g you have a sitemeter at the bottom of the webpage to measure website traffic. Using protocol-relative URL is simply depending if the external site supports HTTPS or not when the user enters a secure page, or else the image from the external sites will not be able to display properly. But for the case of sitemeter, I’ve checked it out, sitemeter does support HTTPS, but unfortunately, the image that you place on your webpage for measuring the traffic, does not respond to https request. To check this, you can use Firefox browser, to view the image of the sitemeter and add a “s” after the http in the URL, if it opens right, then it works. But unfortunately, I’ve tested, it does NOT.

Enter your email address to subscribe our newsletter or feed for FREE:

Delivered by FeedBurner


Bookmark with:

[Delicious]    [Digg]    [Reddit]    [Facebook]    [StumbleUpon]

0 Responses to “How to eliminate Mixed content security warning on your web pages”


  1. No Comments

Leave a Reply

You must login to post a comment.