Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
853 views
in Technique[技术] by (71.8m points)

security - Mixed content in Chrome and IE

In my HTTPS enabled site I have added an iframe that should show content from my other site, but it is not working under https.

<iframe  src="//myothersite.com"></iframe>

In Firefox latest version everything works good.

In Chrome, the iframe isn't loaded and in the console I see these two errors

Mixed Content: The page at 'https://mysite' was loaded over HTTPS, but requested an insecure resource 'http://myothersite.com'. 
This request has been blocked; the content must be served over HTTPS.
Failed to load resource: net::ERR_CACHE_MISS

In IE content load incorrectly and I see an alert message; if I click Allow Insecure Content, it loads correctly.

The question is: how I can do that IE and Chrome as in Firefox (load mixed content without any alerts)?

Note: I haven't changed any browser settings.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Actually Firefox has started to do the same: How to fix a website with blocked mixed content

It makes sense. If the user access a site using HTTPS is expecting to have a secured experience, and he may not be aware of parts of the application loading under not secure connections. That is the reason why the browser blocks such inconsistency.

You will need to provide HTTPS on myothersite.com.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...