Home/ Questions/Q 7516417
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T01:07:28+00:00

I have an HTTPS page which has an iframe src=https://…. from a 3rd party

  • 0

I have an HTTPS page which has an iframe src=”https://….” from a 3rd party domain. As far s I can tell, all the content on the page is from relative urls, e.g. css background images, css files, js files. The only http I can find is the doctype namespace. However it triggers the secure page with insecure content warning.

Looking at the net loading with FF firebug, there is an initial page load of the https iframe, then it loads the same src on http, and all the stuff with relative paths is loaded http.

I don’t understand why it would do this. any ideas?

here’s the https request header:

peopleslight.org
User-Agent  Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0.1) Gecko/2010010  Firefox/4.0.1
Accept  */*
Accept-Language en-us,en;q=0.5
Accept-Encoding gzip, deflate
Accept-Charset  ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive  115
Connection  keep-alive
Referer https://peopleslight.org/ta/2011-golf-raffle
Cookie  __utma=238776193.435441812.1294494977.1313691671.1313702691.18; SESS62936e483d6f95225c680b381cb719e6=d4fac531988c58c4a4bf7e5ff8df107d; __utmz=238776193.1311709137.16.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); has_js=1; __utmc=238776193; __utmb=238776193.2.10.1313702691
If-Modified-Since   Wed, 17 Aug 2011 07:01:07 GMT
If-None-Match   "1fc4018-2e75e-4aaae0f71f2c0"
Cache-Control   max-age=0
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use the The protocol-relative URL on your offending urls to avoid this issue in IE.

    So, instead of calling a js/image/css by using its full path, e.g. including the http/s protocol, you call it simply by using a double slash, //, so your content (what i like to think) “inherits” the protocol scheme of its former.

    • 0