Page 1 of 1

On SSL pages: Some parts are nonsecure?

Posted: Sat Sep 27, 2008 8:21 am
by kaisellgren
Hi,

I am running an SSL page on my website. Basically what I am doing is that I use PHP to check that the protocol is HTTPS, if it is not, then I redirect to the HTTPS version of that particular page (a secure registration page).

Now I have one problem only. The images on the secure page are being loaded as HTTP, not HTTPS (no SSL). So therefore IE and maybe some other browsers complain about that certain parts are insecure. Such as images, css file, etc. If the user clicks "no dont show unsecure" then the site loses all CSS and gfx...

How would I easily solve this problem? Firefox & Opera seems to accept non SSL images and files (they trust the website author?). Theres an option in IE to disable this check, but by default its checking and complaining.

Any ideas? I was thinking about JS that converts all href="" src="" etc to HTTPS, but still it won't help much (cuz the site was orginally loaded with nonsecure hrefs).

Re: On SSL pages: Some parts are nonsecure?

Posted: Mon Sep 29, 2008 3:50 am
by Mordred
Link to the images with relative URLs, the https will come natively for https pages, and they will remain http for http pages.

Re: On SSL pages: Some parts are nonsecure?

Posted: Mon Sep 29, 2008 6:54 am
by kaisellgren
Yea, but I found an easier solution ;)

Code: Select all

<base href="https://site.com" />