scm0sml
asked on
images causing problems with https
Hi,
I have a master page that my pages use and one or two pages use https.
On these pages the user is getting warnings about content not being secure because of the url to images etc, say the logo and so.
Is there a workaround for this?
Using c# 4
I have a master page that my pages use and one or two pages use https.
On these pages the user is getting warnings about content not being secure because of the url to images etc, say the logo and so.
Is there a workaround for this?
Using c# 4
In general your images should be using relative URLs, e.g. "/images/logo.png", NOT absolute urls like "http://www.mycompany.com/images/logo.png".
If you use relative URLs you won't get the errors, because the client will use the appropriate protocol - HTTP or HTTPS, to connect and download the data.
If you use relative URLs you won't get the errors, because the client will use the appropriate protocol - HTTP or HTTPS, to connect and download the data.
ASKER
The client side is not an option, I would have to tell every user on the site to do this.
I don;t really want to go creating two images either.... isn't there a "Normal" work around for this?
I don;t really want to go creating two images either.... isn't there a "Normal" work around for this?
It's an all or nothing type deal. All the content either needs to be HTTP or HTTPS.
There is no work-around, sorry.
There is no work-around, sorry.
ASKER
frosty555 this is one example of one of my images:
<img id="logo" src="graphics/logo.png"/>
However when viewing that on a https url the code still says just graphics/.... in the rendered html?
Also if I have included maybe a jquery or 3rd party library that weren't 3rd party, would they cause the browser to flag that some content isn't secure?
Is this something that we should worry about or not?
<img id="logo" src="graphics/logo.png"/>
However when viewing that on a https url the code still says just graphics/.... in the rendered html?
Also if I have included maybe a jquery or 3rd party library that weren't 3rd party, would they cause the browser to flag that some content isn't secure?
Is this something that we should worry about or not?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The whynopadlock.com link on that page has told me that these are the cuplrits:
- Insecure URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
- Insecure URL: http://download.skype.com/share/skypebuttons/js/skypeCheck.js
Is it just as simple as making them https?
- Insecure URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
- Insecure URL: http://download.skype.com/share/skypebuttons/js/skypeCheck.js
Is it just as simple as making them https?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Server side fix:
Make sure that the images are in the same directory as the main files, if necessary make copies of the image files and change references to those images to the secured folder instead of the original source.
Client side fix:
Either:
(On Internet Options) Make sure to UNCHECK "Block unsecured images with other secured content" in SECURITY section.
OR:
Add site (domain) to "trusted sites" and UNCHECK require "https"