“This Page Contains Both Secure and Non-Secure Items”

By David Pratt / Tags: , , / 2 Comments / Published: 24-11-09

If you are familiar with the message above, then you have probably seen it a hundred times before.

This Page Contains Both Secure and Non-Secure Items

This Page Contains Both Secure and Non-Secure Items

Or

Do you want to view only the webpage content that was delivered securely

Do you want to view only the webpage content that was delivered securely

It is caused (as I’m sure you can figure out from the title) by having non-secure items on a secure page i.e. having an asset that sits on the HTTP protocol being called from a secure HTTPS page. This often occurs on checkout confirmation pages, or sign up thank you pages where a developer has a included an absolute path to something that sits on the HTTP protocol. In my experience this is very often 3rd party tracking pixels or marketing banners that have been added as an afterthought.

There is a very straightforward solution to this problem however, all you need to do is use a protocol-independent absolute path that switches between HTTP and HTTPS depending on what protocol the asset is currently sat on. To do this you need to modify (in the case of images) the src path so that it looks something like:

<img src="//daipratt.co.uk/i/tracking.png"/>

All I have done here is drop the “http:” from the url, leaving the “//” behind. If you are looking at a page in SSL through HTTPS, then what it will do is request that asset with the HTTPS protocol, otherwise it’ll request it with HTTP. This then prevents the annoying error message as all of the page assets are sat on the same protocol.

Category: Tech

Tags: , ,

Posted: on November 24th, 2009 at 10:14 am.

Feeds: RSS 2.0

2 Responses to ““This Page Contains Both Secure and Non-Secure Items””

Remo December 29th, 2009 at 9:29 pm

Is there a reason why you start your urls with two slashes?

Leave a reply