Brad Bansner
asked on
Browser says non-secure image on secure page, image has https
The large image of the four Canada stamps on this page is causing Firefox to tell me the page is not secure due to non-secure elements on the page:
https://www.worldstampcompany.com/country/canada
However, in my HTML I am using:
https://imageshack.com/a/img923/5798/vZdd8h.jpg
If I put that URL in my browser, I do indeed get a "connection is not secure" message. However, if I then forcibly put https in my browser:
https://imageshack.com/a/img923/5798/vZdd8h.jpg (again)
...it does come up as secure.
I'm not sure what Image Shack is doing, it seems like they are redirecting to non-secure (http) but at the same time, if I can force https in, it looks like they have a certificate.
Is there something I can do to make this work, or do I have to contact Image Shack and find out what they are doing on their end?
Thank you!
https://www.worldstampcompany.com/country/canada
However, in my HTML I am using:
https://imageshack.com/a/img923/5798/vZdd8h.jpg
If I put that URL in my browser, I do indeed get a "connection is not secure" message. However, if I then forcibly put https in my browser:
https://imageshack.com/a/img923/5798/vZdd8h.jpg (again)
...it does come up as secure.
I'm not sure what Image Shack is doing, it seems like they are redirecting to non-secure (http) but at the same time, if I can force https in, it looks like they have a certificate.
Is there something I can do to make this work, or do I have to contact Image Shack and find out what they are doing on their end?
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://WebPageTest.org site waterfall provides an easy way to debug this.
As Dave Baldwin mentioned, your image redirects to an HTTP link. Note, this is an HTTP not HTTPS link, so you'll have a mixed content flag on your site till this is fixed.
Always check WPT first, as this tester will resolve all redirects for you + you'll have an instant report of exactly what's broken/insecure.
As Dave Baldwin mentioned, your image redirects to an HTTP link. Note, this is an HTTP not HTTPS link, so you'll have a mixed content flag on your site till this is fixed.
Always check WPT first, as this tester will resolve all redirects for you + you'll have an instant report of exactly what's broken/insecure.
ASKER
It looks like by swapping out the URL to what they are redirecting to, I can fix this:
https://www.worldstampcompany.com/country/canada
...and indeed the page is now secure. As long as Image Shack doesn't mind me doing it that way and make my "direct" link via https not work at some point in the future.
https://www.worldstampcompany.com/country/canada
...and indeed the page is now secure. As long as Image Shack doesn't mind me doing it that way and make my "direct" link via https not work at some point in the future.
<img src="https://imageshack.com/a/img923/5798/vZdd8h.jpg" />
However, when I place https://imageshack.com/a/img923/5798/vZdd8h.jpg in my firefox address I do not get a secure page. I get the image, but no secure page. Same thing happens when I manually type in the https:// Its possible that some unsecure CDN server (located closer to me) may be serving up the page instead of imageshack. Or, imageshack itself is not serving up secured pages.
I would guess, If you get different results on different tries, then its probably not imageshack but a CDN server upstream on your network path.