I have a website in which every page is served via HTTPS. On one

Question

0

Asked: May 24, 20262026-05-24T00:10:49+00:00 2026-05-24T00:10:49+00:00

I have a website in which every page is served via HTTPS. On one

0

I have a website in which every page is served via HTTPS. On one of the pages I have a form whose action attribute is set to a relative URL.

The page with the form can only be accessed via HTTPS and the page the form posts to can only be hit via HTTPS, yet in IE I get a security warning telling me I’m about to switch to an insecure connection. Is there any way to prevent this problem beyond codding the full URL including the protocol into the form’s action attribute?

Update:

I tried hardcoding the entire URL and still I get the pop-up.

The relevant code is:

<html>
    <body>
      <form action="https://mydomain.com/editProfile">
         ...
      </form>
    </body>
</html>

As soon as I click the submit button in IE6 I get a security alert pop-up. If I click ok, the result page is displayed and the protocol is still HTTPS. I’m starting to wonder if it is the form POST that’s causing the issue.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-24T00:10:50+00:00

Editorial Team

2026-05-24T00:10:50+00:00Added an answer on May 24, 2026 at 12:10 am

You can’t (other than setting the base URL to https). According to RFC 1808 (relative URLs), an URL starting with a scheme name is always interpreted as an absolute URL (section 4, step 2a).

(As others pointed out, relative URLs keep the scheme, so the problem was elsewhere, probably with an unencrypted image or CSS file, but the question was interesting in its own right.)

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a website in which every page is served via HTTPS. On one

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply