Avatar of scm0sml
scm0sml
 asked on

images causing problems with https

Hi,

I have a master page that my pages use and one or two pages use https.

On these pages the user is getting warnings about content not being secure because of the url to images etc, say the logo and so.

Is there a workaround for this?

Using c# 4
C#ASP.NET

Avatar of undefined
Last Comment
CtrlAltDl

8/22/2022 - Mon
n2fc

You can fix this either at the server side or client side...

Server side fix:
Make sure that the images are in the same directory as the main files, if necessary make copies of the image files and change references to those images to the secured folder instead of the original source.

Client side fix:
Either:
(On Internet Options) Make sure to UNCHECK "Block unsecured images with other secured content" in SECURITY section.
OR:
Add site (domain) to "trusted sites" and UNCHECK require "https"
Frosty555

In general your images should be using relative URLs, e.g.  "/images/logo.png", NOT absolute urls like "http://www.mycompany.com/images/logo.png".

If you use relative URLs you won't get the errors, because the client will use the appropriate protocol - HTTP or HTTPS, to connect and download the data.
scm0sml

ASKER
The client side is not an option, I would have to tell every user on the site to do this.

I don;t really want to go creating two images either.... isn't there a "Normal" work around for this?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
CtrlAltDl

It's an all or nothing type deal.  All the content either needs to be HTTP or HTTPS.

There is no work-around, sorry.
scm0sml

ASKER
frosty555 this is one example of one of my images:
<img id="logo" src="graphics/logo.png"/>  

However when viewing that on a https url the code still says just graphics/.... in the rendered html?

Also if I have included maybe a jquery or 3rd party library that weren't 3rd party, would they cause the browser to flag that some content isn't secure?

Is this something that we should worry about or not?
SOLUTION
Frosty555

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
scm0sml

ASKER
The whynopadlock.com link on that page has told me that these are the cuplrits:
 - Insecure URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
 - Insecure URL: http://download.skype.com/share/skypebuttons/js/skypeCheck.js

Is it just as simple as making them https?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.