mixed content security warning

For information and questions on how to use the discussion board (do not post ostomy related questions in this area!).
Anyone can read. Only registered users can post.
No commercial posting allowed.

Moderators: Bob Webtech, Jimbob

Forum rules
Before posting, please read our Discussion Board Terms and Conditions and our Code of Conduct. This particular area of our board is only for issues on how to use the board, not for ostomy-related questions!
Post Reply
User avatar
Sinfulsot
Posts: 1332
Joined: 2010-02-12 10:53:13

mixed content security warning

Post by Sinfulsot »

At my home pc, I am getting the following security warning as i navigate from page to page:

Do you want to view only the webpage content that was deilivered securely?

This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage.

More Info/Yes/No

Also, at the bottom of the window, it says Local intranet instead of Internet.

Again, every navigation to a new page or if i go back, after the page loads, i am getting the warning. I messed with the settings and the best i got was not getting the warning, but i had to log in twice.

I am very open to suggestion(s).
Stomas are red
Asphyxia is blue
Yes I am very morbid
And darn cynical too
User avatar
LindaAukett UOAA Advocacy
Posts: 1603
Joined: 2005-11-06 12:29:31

Re: mixed content security warning

Post by LindaAukett UOAA Advocacy »

Hi -

Though I have not experienced it myself, the moderators are aware that this is happening since Bob set us up with https - after the hacking incident. But he is the expert so I will leave it to him to respond in depth. You probably already read the updated notice at https://www.ostomy.org/forum/viewtopic.php?f=5&t=18818

Linda
User avatar
Bob Webtech
Site Admin
Posts: 995
Joined: 2005-09-29 11:17:09

Re: mixed content security warning

Post by Bob Webtech »

When a web page is encrypted with https, web browsers may complain if any component of the page is transmitted in the clear (by regular http instead of https). The component that's transmitted by regular http may be just an image or some other small supporting file. When I converted our board to https last week, I worked pretty hard to make sure that all images and supporting files normally provided within the discussion board (not just the overall web pages) are served by https. And I think I succeeded, as my web browsers display the padlock icon and say the pages are secure.

I did notice, shortly after implementing the change-over, that if I viewed the board using a web browser that I hadn't used since before the change-over, it might initially indicate mixed content. That was probably due to old, left-over content in the browser's cache. The problem could generally be fixed by hitting the browser's Refresh/Reload button a number of times. Or if that doesn't work, you can explicitly clear the browser's cache in its Options/Preferences settings (or if using Internet Explorer, clear its "Temporary Internet Files" which is IE's term for its cache).

There is, nevertheless, one case in which mixed content is entirely expected, and there's nothing we can do about it. This is when users have posted messages in which they've embedded photos using the IMG tag. The images get pulled from the photo sharing site (such as photobucket) where the user had posted them, and they're generally pulled using regular http protocol. So, in these cases, the embedded photos constitute the "insecure" portion of the page, and if you tell your browser to suppress the insecure content, you won't see the photos.
Bob Baumel, UOAA discussion board administrator
User avatar
Sinfulsot
Posts: 1332
Joined: 2010-02-12 10:53:13

Re: mixed content security warning

Post by Sinfulsot »

bump

When i navigate to the forum via my bookmark, whis to the login page, internet explorer shows in the lower right from internet to local intranet. when i am at work, it stays Internet.

and still no change with the warning with every navigation
Stomas are red
Asphyxia is blue
Yes I am very morbid
And darn cynical too
User avatar
Bob Webtech
Site Admin
Posts: 995
Joined: 2005-09-29 11:17:09

Re: mixed content security warning

Post by Bob Webtech »

Sinfulsot,
There may be a problem with your old bookmark. So, why don't you just delete that old bookmark. Then navigate normally to our website at www.ostomy.org and follow the link to the discussion board. Then make a new bookmark. Does that solve the problem?
Bob Baumel, UOAA discussion board administrator
User avatar
Sinfulsot
Posts: 1332
Joined: 2010-02-12 10:53:13

Re: mixed content security warning

Post by Sinfulsot »

it did not.

and when internet explorer navigates to https://...., it is still showing as local intranet.

the current fix is to use firefox, which isn't really much of a hassle.
Stomas are red
Asphyxia is blue
Yes I am very morbid
And darn cynical too
Post Reply