?
Solved

iFrame not being displayed due to non secure items

Posted on 2014-04-01
2
Medium Priority
?
249 Views
Last Modified: 2014-04-01
Hi All,

We are having an issue with our website with iframes. Here are the particulars:

1. Our main site is hosted on one server and our database driven membership access site is on an another server using an association database called iMIS with the ISGWeb component. These services are displayed through the main site via an iframe. This has worked up until the last few months when more and more users aren't seeing the full iframe and being presented with a request to view non secure content.

2.  The main website is not secure. The membership access site is secure.

3.  Our vendor for the iMIS database suggests the solution is to install an SSL cert on the main server and have the whole site secure. I am not a complete web expert, but that seems not to be a best practice. I am open to other opinions.

4.  I have done some research and came across something related to the same origin policy. I am not a Java expert, so while I understand the fixes presented for this issue, I don't know how to implement them.

Any help or thoughts on this matter would be really appreciated. More and more users are having the issue which I suspect is due to browser upgrades.

Thanks.

Chip
0
Comment
Question by:cwemely
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 1500 total points
ID: 39970269
There are a couple of issues you bring up.  First, you will need to have an SSL cert on the main site.  You don't have to use ssl on everypage, but there is nothing wrong with doing so.  It is common today.   If you have ready anything about being "slow" from ssl, it is not enough to know the difference and unless you are serving page views in the millions you will be fine.

The other issue you brought up is java. If it is a java applet the site is loading, then the applet needs to have it's own certificate https://www.java.com/en/download/help/java_blocked.xml.

If the site is private, you might be able to get away with just using https without the cert. You will just always get warnings.  You could do the same with a public site, but it is not worth the hassle. Spend the $50/yr and get a certificate.
0
 

Author Comment

by:cwemely
ID: 39970468
Thanks for the response. Yeah . . . I have finally come to that conclusion after some more research.

Thank you for your help.
0

Featured Post

Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question