Frames and SSL; can just one frame be secure?

JavaScript and client side scripting.

Moderator: General Moderators

Post Reply
User avatar
zeek
Forum Commoner
Posts: 48
Joined: Mon Feb 27, 2006 7:41 pm

Frames and SSL; can just one frame be secure?

Post by zeek »

This might be a dumb question, but...

I am designing the admin section for a web site. It's in frames. The main site is on a non-ssl server. If I load a page from an ssl server into one of the frames the browser doesn't show the pad-lock indicating a secure page. This isn't a problem since it's just an admin area of the site, but is it (just that frame) a secure connection even though it doesn't show as being so?

Just for clarity I'm loading a secured page into a frame. The browser doesn't indicate that it's secure, by showing the pad-lock (Firefox). Is the page still secure even though it's in a frame? Thanks in advance.


EDIT: Found answer in case anyone else runs into this issue. The anser is NO ssl will not work with frames. You need a new window.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Frames and SSL; can just one frame be secure?

Post by Christopher »

zeek wrote:EDIT: Found answer in case anyone else runs into this issue. The anser is NO ssl will not work with frames. You need a new window.
Huh? SSL works fine in frames. But because not all of the frames are using SSL the browser does not show the lock. The frame that is using SSL will communicate encrypted data. You will also get a browser warning about "secure & non-secure" items.
(#10850)
Post Reply