I'm trying to inject the following iframe onto my https website:
Screenshot of code
Is it possible to use a http iframe on an https website?
This is the error I receive when I inject it currently:
The webpage at https://trk.slvrbck.net/aff_ad?campaign_id=191&aff_id=25171&format=iframe might be temporarily down or it may have moved permanently to a new web address.
Thanks!
you may include your http iframe in an https website. The https site will encrypt the http iframe once its data is being sent from client to server.
getting it to work is another deal on its own :
refer to this to get it to work
How to allow http content within an iframe on a https site
Related
I have a website https://mycpadashboard.com/. I have installed SSL to it but whenever I upload media it first creates an image URL with HTTP, not with HTTPS. Though when I clicked on HTTP generated image URL it is redirecting which is a good thing. But I am performing a technical audit and they are showing me warnings that some of the URLs(same non HTTP images) are having HTTP links. I have checked all the settings.
Please advise.
Thanks
Go to wp-options from database php my admin and change the link from http to https. so your all images will convert to https.
I just saw an image of playstore in footer with http URL.
I have image handler working fine on HTTP. But The same page when access using https its not showing up the image. When check browser console for errors its showing "ERR_INSECURE_RESPONSE".
This usually occurs when you try to load content from http site into https site. This results into Mixed-Content error.
On http page you can load contents from http or https both but when you are on https site then you can load contents like images or iframe only from https sites.
In this case i assume that the site which is sending request is on https but your ashx page is on http site.
I have main page which opens via http. On this page I open iframe with same domain but via https and get error message:
Blocked a frame with origin "https://example.com" from accessing a
cross-origin frame
Is it possible?
If the main page (http) could access the iframe (https) it will be a security problem!
More informations this security feature: https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy
Just move the main page to https, it will solve your problem and secure your visitors.
We're working on a web application which allows the user to do some design for mobile devices. The user simply enters some url and that url is previewed inside some iframe. The problem is, our application is running on https and if the user enters a non-https address it's not displayed by the browser for obvious reasons...
So can we use some reverse-proxy configuration to overcome this issue somehow? For example we'll set the iframe url as http://myserver.com/?url=http://externalserver.com and the reverse proxy will simply return the externalserver.com content back...
Is something like this possible?
I am creating a website with password-protected pages in it.
I have two type of customer: 1. normal 2. secured
For secured customers, pages would be rendered over HTTPS whereas for normal customer, pages will be rendered over HTTP.
However, pages for both types of users would be same but the content will change.
Please note, the URL for the two users should be same except HTTP/HTTPS part.
Can anyone pls suggest how to structure the application so that the same page will act as both http and https?
Also would like to know, sometimes when we browse some HTTPS page and few of the items like image are referenced over HTTP then we get a cross in Address Bar indicating that some of the resources are not over HTTPS.
How can we overcome this problem, any suggestions?
This should be fine, when the user logs in, redirect them to an https:// page. Just use the same page addresses, only the scheme (http or https) needs to change.
To avoid problems with choosing between http or https (for example in image URLs like you mention), try to use relative URLs whenever possible, instead of absolute URLs. So if you're on https://test.com/index.html and want to display an image in an images directory, use /images/test.jpg (relative) rather than https://images/test.jpg (absolute).
If you have to use absolute, you can use a scheme-relative url - for example //images/test.jpg will use HTTP if the current page is using HTTP, and HTTPS if the page is using HTTPS.
See this question and this one for more details.