| Subject: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 6:49:56 AM |
| From: laredotornado [Email Address Protection] |
Hi, I'm using PC IE 7. When I visit a particular page, I get the message "This page contains both secure and nonsecure items. Do you want to continue?" How do I figure out what's causing this error? The only reference I can find to "http://" is at the top of my page <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> But maybe there's a more precise way in IE 7 to figure out what's causing the dialog. Grateful for your help, - Dave |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 7:13:39 AM |
| From: Leonard Grey [Email Address Protection] |
It's not an error. It's for your information. The browser is telling you that only parts of the page contain items that are authenticated and possibly encrypted for transmission. To see the difference, view the page both ways (i.e., with and without the nonsecure items.) Keep in mind that a single web page can contain data from several servers. Not all the data needs to be secured. --- Leonard Grey Errare humanum est laredotornado wrote: > Hi, > > I'm using PC IE 7. When I visit a particular page, I get the message > "This page contains both secure and nonsecure items. Do you want to > continue?" How do I figure out what's causing this error? > > The only reference I can find to "http://" is at the top of my page > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" > "http://www.w3.org/TR/html4/strict.dtd"> > > But maybe there's a more precise way in IE 7 to figure out what's > causing the dialog. Grateful for your help, - Dave |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 7:23:00 AM |
| From: "PA Bear [MS MVP]" [Email Address Protection] |
The behavior isn't new in IE7. See this KB article (middle of page): A Description of the Changes to the Security Settings of the Web Content Zones in Internet Explorer 6 http://support.microsoft.com/kb/300443 -- ~Robear Dyer (PA Bear) MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002 AumHa VSOP & Admin http://aumha.net DTS-L http://dts-l.net/ laredotornado wrote: > I'm using PC IE 7. When I visit a particular page, I get the message > "This page contains both secure and nonsecure items. Do you want to > continue?" How do I figure out what's causing this error? > > The only reference I can find to "http://" is at the top of my page > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" > "http://www.w3.org/TR/html4/strict.dtd"> > > But maybe there's a more precise way in IE 7 to figure out what's > causing the dialog. Grateful for your help, - Dave |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 10:00:07 AM |
| From: laredotornado [Email Address Protection] |
On Jul 21, 8:13=A0am, Leonard Grey <l.g...@not.valid.net> wrote: > It's not an error. It's for your information. The browser is telling you > that only parts of the page contain items that are authenticated and > possibly encrypted for transmission. > > To see the difference, view the page both ways (i.e., with and without > the nonsecure items.) > > Keep in mind that a single web page can contain data from several > servers. Not all the data needs to be secured. > > --- > Leonard Grey > Errare humanum est > > > > laredotornadowrote: > > Hi, > > > I'm using PC IE 7. =A0When I visit a particular page, I get the message > > "This page contains both secure and nonsecure items. Do you want to > > continue?" =A0How do I figure out what's causing this error? > > > The only reference I can find to "http://" is at the top of my page > > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" > > =A0 =A0 =A0 =A0 =A0 =A0 "http://www.w3.org/TR/html4/strict.dtd"> > > > But maybe there's a more precise way in IE 7 to figure out what's > > causing the dialog. =A0Grateful for your help, - Dave- Hide quoted text= - > > - Show quoted text - Unfortunately it is not possible to view the page over a non-secure port, but by eyes, the page looks fine, I just want that annoying alert to go away. Would this alert come up if there were unsecured data from other servers? Is the above declaration I have included a reason why this alert would come up? Thanks, - Dave |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 10:23:03 AM |
| From: Leonard Grey [Email Address Protection] |
"Would this alert come up if there were unsecured data from other servers?" That's usually why it appears. To do away with the message: Tools > Internet Options > Advanced > 'Warn if changing between secure and not secure mode' Like I said, it's just for your information, so you can make an informed choice about whether you want to enter personal information on a form. --- Leonard Grey Errare humanum est laredotornado wrote: > On Jul 21, 8:13 am, Leonard Grey <l.g...@not.valid.net> wrote: >> It's not an error. It's for your information. The browser is telling you >> that only parts of the page contain items that are authenticated and >> possibly encrypted for transmission. >> >> To see the difference, view the page both ways (i.e., with and without >> the nonsecure items.) >> >> Keep in mind that a single web page can contain data from several >> servers. Not all the data needs to be secured. >> >> --- >> Leonard Grey >> Errare humanum est >> >> >> >> laredotornadowrote: >>> Hi, >>> I'm using PC IE 7. When I visit a particular page, I get the message >>> "This page contains both secure and nonsecure items. Do you want to >>> continue?" How do I figure out what's causing this error? >>> The only reference I can find to "http://" is at the top of my page >>> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" >>> "http://www.w3.org/TR/html4/strict.dtd"> >>> But maybe there's a more precise way in IE 7 to figure out what's >>> causing the dialog. Grateful for your help, - Dave- Hide quoted text - >> - Show quoted text - > > Unfortunately it is not possible to view the page over a non-secure > port, but by eyes, the page looks fine, I just want that annoying > alert to go away. > > Would this alert come up if there were unsecured data from other > servers? Is the above declaration I have included a reason why this > alert would come up? > > Thanks, - Dave |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 10:43:07 AM |
| From: laredotornado [Email Address Protection] |
On Jul 21, 11:23=A0am, Leonard Grey <l.g...@not.valid.net> wrote: > "Would this alert come up if there were unsecured data from other > servers?" > That's usually why it appears. > > To do away with the message: Tools > Internet Options > Advanced > 'Warn > if changing between secure and not secure mode' > > Like I said, it's just for your information, so you can make an informed > choice about whether you want to enter personal information on a form. > > --- > Leonard Grey > Errare humanum est > > > > laredotornadowrote: > > On Jul 21, 8:13 am, Leonard Grey <l.g...@not.valid.net> wrote: > >> It's not an error. It's for your information. The browser is telling y= ou > >> that only parts of the page contain items that are authenticated and > >> possibly encrypted for transmission. > > >> To see the difference, view the page both ways (i.e., with and without > >> the nonsecure items.) > > >> Keep in mind that a single web page can contain data from several > >> servers. Not all the data needs to be secured. > > >> --- > >> Leonard Grey > >> Errare humanum est > > >> laredotornadowrote: > >>> Hi, > >>> I'm using PC IE 7. =A0When I visit a particular page, I get the messa= ge > >>> "This page contains both secure and nonsecure items. Do you want to > >>> continue?" =A0How do I figure out what's causing this error? > >>> The only reference I can find to "http://" is at the top of my page > >>> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" > >>> =A0 =A0 =A0 =A0 =A0 =A0 "http://www.w3.org/TR/html4/strict.dtd"> > >>> But maybe there's a more precise way in IE 7 to figure out what's > >>> causing the dialog. =A0Grateful for your help, - Dave- Hide quoted te= xt - > >> - Show quoted text - > > > Unfortunately it is not possible to view the page over a non-secure > > port, but by eyes, the page looks fine, I just want that annoying > > alert to go away. > > > Would this alert come up if there were unsecured data from other > > servers? =A0Is the above declaration I have included a reason why this > > alert would come up? > > > Thanks, - Dave- Hide quoted text - > > - Show quoted text - I'm concerned about other users coming to the page and seeing this message. I would like to figure out what these non-secure items are but I don't know how. Do you? - |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/21/2008 2:49:11 PM |
| From: "Robert Aldwinckle" [Email Address Protection] |
"laredotornado" <laredotornado@zipmail.com> wrote in message news:ad8096d4-c96b-47cf-bbe7-9731b2fc0b5c@c65g2000hsa.googlegroups.com... <QP> I'm concerned about other users coming to the page and seeing this message. I would like to figure out what these non-secure items are but I don't know how. Do you? - </QP> Use View Source (Alt-V,c) and search for src= or use the Privacy Report (Alt-V,v) and look for mixed protocol from your page. If you need more help please find an example publicly accessible page which demonstrates the problem symptoms and post its URL. --- |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/22/2008 3:16:31 PM |
| From: laredotornado [Email Address Protection] |
On Jul 21, 3:49=A0pm, "Robert Aldwinckle" <rob...@techemail.com> wrote: > "laredotornado" <laredotorn...@zipmail.com> wrote in message > > news:ad8096d4-c96b-47cf-bbe7-9731b2fc0b5c@c65g2000hsa.googlegroups.com... > > <QP> > > I'm concerned about other users coming to the page and seeing this > message. =A0I would like to figure out what these non-secure items are > but I don't know how. =A0Do you? - > > </QP> > > Use =A0View Source =A0(Alt-V,c) =A0and search for =A0src=3D > > or =A0use the =A0Privacy Report =A0(Alt-V,v) =A0and look for mixed protoc= ol > from your page. > > If you need more help please find an example publicly accessible page > which demonstrates the problem symptoms and post its URL. > > --- I did a view source and there is nothing suggesting an insecure resource. Because this page is on an Intranet, I can't post a public URL, but below is the source. Thanks for your help again, - Dave <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-1" /> <title>Application Configuration Grid</title> <link rel=3D"stylesheet" type=3D"text/css" href=3D"../scripts/dojo/ resources/dojo.css"/> <link rel=3D"stylesheet" type=3D"text/css" href=3D"../scripts/dijit/theme= s/ tundra/tundra.css"/> <link rel=3D"stylesheet" type=3D"text/css" href=3D"../css/portal.css"/> <link rel=3D"stylesheet" type=3D"text/css" href=3D"../css/Grid.css"/> <script type=3D"text/javascript" src=3D"../scripts/dojo/dojo.js" djConfig=3D"isDebug:false, parseOnLoad: true"></script> <script type=3D"text/javascript"> dojo.require("dijit.Dialog"); dojo.require("dojo.data.ItemFileWriteStore"); dojo.require("dijit.form.TextBox"); dojo.require("dijit.form.FilteringSelect"); dojo.require("dojox.grid.Grid"); dojo.require("dojox.grid._data.model"); dojo.require("dojo.parser"); dojo.require("dojox.lang.functional"); </script> <script type=3D"text/javascript"> var appId =3D "null"; var appName =3D "null"; var selectedElement; // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Grid structure // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D var view1 =3D { cells: [ [{width: 'auto', name: 'Element Name', field: 'name',width: "25%", editor: dojox.grid.editors.input}, {width: 'auto', name: 'Config Key', field: 'key',width: "25%", editor: dojox.grid.editors.input}, {width: 'auto', name: 'Attribute', field: 'attribute',width: "25%", editor: dojox.grid.editors.input}, {width: 'auto', name: 'Attribute Value', field: 'value',width: "25%", editor: dojox.grid.editors.input} ] ] }; var gridLayout =3D [ view1 ]; // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Create a data model // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D var gridColumns =3D [{id:"name",label:"Element Name"}, {id:"key",label:"Config Key"}, {id:"attribute",label:"Attribute"}, {id:"value",label:"Attribute Value"} ]; var gridModel =3D { items: [] }; var gridStore =3D new dojo.data.ItemFileWriteStore({data:gridModel}); var model =3D new dojox.grid.data.DojoData(null,gridStore); </script> <script type=3D"text/javascript" src=3D"../scripts/ConfigGrid.js"></ script> <script type=3D"text/javascript" src=3D"../scripts/main.js"></script> </head> <body class=3D"tundra"> <div dojoType=3D"dijit.layout.ContentPane" layoutAlign=3D"top"> <form id=3D"configForm" name=3D"configForm" method=3D"post" action=3D"/ nps_config_gui/jsp/ConfigGrid.jsf" enctype=3D"application/x-www-form- urlencoded" onsubmit=3D"return saveGridData();"> <input type=3D"hidden" id=3D"appName" name=3D"appName" value=3D"" /> <input type=3D"hidden" id=3D"configData" name=3D"configData" value=3D"" /= > <input type=3D"hidden" id=3D"startConfigData" name=3D"startConfigData" value=3D"[]" /> <input type=3D"hidden" id=3D"configAction" name=3D"configAction" value=3D= "" / > <div style=3D"padding-left: 40px;"> <div id=3D"applicationSelectSpan"> Choose Application: <select id=3D"configForm:applicationSelect" name=3D"configForm:applicationSelect" size=3D"1" onchange=3D"document.getElementById('appName').value =3D this.value;this.form.submit();"> <option value=3D"" selected=3D"selected">-- Select Application --</option> <option value=3D"IM_GUI">Configure IM_GUI</option> <option value=3D"NPS_CONFIG_GUI">Configure NPS_CONFIG_GUI</option> <option value=3D"DAVE_TEST">Configure DAVE_TEST</option></select> </div> <br/><br/> <span id=3D"elementSelectSpan"> Choose Element: <select id=3D"configForm:elementSelect" name=3D"configForm:elementSelect" size=3D"1" onchange=3D"loadElements()"> <option value=3D"" selected=3D"selected">-- All Elements --</option></ select> </span> <span id=3D"keySelectSpan"> Choose Config Key: <select id=3D"configForm:keySelect" name=3D"configForm:keySelect" size=3D"1" onchange=3D"loadKeys()"> <option value=3D"" selected=3D"selected">-- All Keys --</option></select> </span> <br/><br/> <div id=3D"grid" dojoType=3D"dojox.Grid" model=3D"model" structure=3D"gridLayout" singleClickEdit=3D"true" autoHeight=3D"true"> <script type=3D"dojo/method" event=3D"onApplyEdit" args=3D""> if (this.model.data[this.selection.selectedIndex].flag =3D=3D 'old') { this.model.data[this.selection.selectedIndex].flag=3D"update"; } </script> </div> <br /> <div id=3D"rowCount"></div> <br /> <div id=3D"controls"> <input type=3D"button" onClick=3D"addRow()" value=3D"Add Row" class=3D"npsButton" onmouseover=3D"hoverGridButton(this)" onmouseout=3D"unhoverGridButton(this)"/> <input type=3D"button" onClick=3D"deleteRow()" value=3D"Remove" class=3D"npsButton" onmouseover=3D"hoverGridButton(this)" onmouseout=3D"unhoverGridButton(this)"/> <input id=3D"configForm:_idJsp7" name=3D"configForm:_idJsp7" type=3D"submit" value=3D"Apply" onclick=3D"if(typeof window.clearFormHiddenParams_configForm!=3D'undefined') {clearFormHiddenParams_configForm('configForm');}" onmouseover=3D"hoverGridButton(this)" onmouseout=3D"unhoverGridButton(this)" class=3D"npsButton" /> <input type=3D"button" onClick=3D"cancelEdit()" value=3D"Cancel" class=3D"npsButton" onmouseover=3D"hoverGridButton(this)" onmouseout=3D"unhoverGridButton(this)"/> </div> </div> <input type=3D"hidden" name=3D"configForm_SUBMIT" value=3D"1" /><input type=3D"hidden" name=3D"configForm:_link_hidden_" /><input type=3D"hidden" name=3D"configForm:_idcl" /><script type=3D"text/javascript"><!-- function clear_configForm() { clearFormHiddenParams_configForm('configForm'); } function clearFormHiddenParams_configForm(currFormName) { var f =3D document.forms['configForm']; f.elements['configForm:_link_hidden_'].value=3D''; f.elements['configForm:_idcl'].value=3D''; f.target=3D''; } clearFormHiddenParams_configForm(); //--></script><input type=3D"hidden" name=3D"javax.faces.ViewState" id=3D"javax.faces.ViewState" value=3D"rO0ABXVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAAN0AAE0cH= QAEy9qc3AvQ29uZmlnR3JpZC5qc3A=3D" / ></form> <form id=3D"addForm" name=3D"addForm" method=3D"post" action=3D"/ nps_config_gui/jsp/ConfigGrid.jsf" enctype=3D"application/x-www-form- urlencoded"> <div dojoType=3D"dijit.Dialog" id=3D"dialog1" title=3D"Add Row" execute=3D"handleInput(arguments[0])" class=3D"inputDialog" style=3D"visibility: hidden;"> <script type=3D"dojo/method" event=3D"show"> this.inherited("show", arguments); // set timeout to allow the browser to render dialog setTimeout(dojo.hitch(self, function(){ dijit.focus(self.nameInput); }), 500); </script> <table class=3D"appAdmin dojoTabular"> <tr> <td style=3D"width: 80px;"><label for=3D"name">Element Name: </ label></td> <td><input id=3D"addForm:nameInput" name=3D"addForm:nameInput" type=3D"text" value=3D"" size=3D"50" /></td> </tr> <tr> <td style=3D"width: 80px;"><label for=3D"name">Config Key: </label></ td> <td><input id=3D"addForm:keyInput" name=3D"addForm:keyInput" type=3D"text" value=3D"" size=3D"50" /></td> </tr> <tr> <td style=3D"width: 80px;"><label for=3D"name">Attribute Name: </ label></td> <td><input id=3D"addForm:attrInput" name=3D"addForm:attrInput" type=3D"text" value=3D"" size=3D"50" /></td> </tr> <tr> <td style=3D"width: 80px;"><label for=3D"name">Attribute Value: </ label></td> <td><input id=3D"addForm:valueInput" name=3D"addForm:valueInput" type=3D"text" value=3D"" size=3D"50" /></td> </tr> <tr> <td colspan=3D"2" align=3D"center"> <input type=3D"button" class=3D"npsButton" value=3D"OK" onclick=3D"doAddRow()" onmouseover=3D"hoverGridButton(this)" onmouseout=3D"unhoverGridButton(this)"/> <input type=3D"button" class=3D"npsButton" value=3D"Cancel" onclick=3D"closeDialog()" onmouseover=3D"hoverGridButton(this)" onmouseout=3D"unhoverGridButton(this)"/> </td> </tr> </table> </div> <input type=3D"hidden" name=3D"addForm_SUBMIT" value=3D"1" /><input type=3D"hidden" name=3D"javax.faces.ViewState" id=3D"javax.faces.ViewState" value=3D"rO0ABXVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAAN0AAE0cH= QAEy9qc3AvQ29uZmlnR3JpZC5qc3A=3D" / ></form> </div> <!-- MYFACES JAVASCRIPT --> </body> </html> |
| Back |
| Subject: Re: How to figure out what's causing non-secure items alert? |
| Group: microsoft.public.internetexplorer.general |
| Date: 7/22/2008 7:21:47 PM |
| From: "Robert Aldwinckle" [Email Address Protection] |
"laredotornado" <laredotornado@zipmail.com> wrote in message news:ba5668b3-ff24-402b-af8b-43adfc6191d1@j22g2000hsf.googlegroups.com... <QP2> On Jul 21, 3:49 pm, "Robert Aldwinckle" <rob...@techemail.com> wrote: > "laredotornado" <laredotorn...@zipmail.com> wrote in message > > news:ad8096d4-c96b-47cf-bbe7-9731b2fc0b5c@c65g2000hsa.googlegroups.com... > > <QP> > > I'm concerned about other users coming to the page and seeing this > message. I would like to figure out what these non-secure items are > but I don't know how. Do you? - > > </QP> > > Use View Source (Alt-V,c) and search for src= > > or use the Privacy Report (Alt-V,v) and look for mixed protocol > from your page. > > If you need more help please find an example publicly accessible page > which demonstrates the problem symptoms and post its URL. > > --- I did a view source and there is nothing suggesting an insecure resource. Because this page is on an Intranet, I can't post a public URL, but below is the source. Thanks for your help again, - Dave </QP2> Have you tried my second suggestion yet? (Privacy Report looking for http: URLs.) A likely issue is that your HTML is modified by whatever your scripts do. E.g. if they contain code which load images which have their URLs prefixed by http: that could be the cause of your symptom. What happens if you disable Active Scripting? E.g. using either Security Settings Custom Level or using IE Developer Toolbar. HTH Robert --- |
| Back |