This page contains both secure and non secure items.

[A.M]

Hi,

My ASP.NET application uses SSL on IIS6. up on visiting some pages, IE 6
shows this security alert:

This page contains both secure and non secure items.
Do you want to display non-secure items?

Regardless I answer no (or yes), everything works fine.

We don't like our users see that message because it makes them nervous
without any good reason.

How can I track why the browswer shows that flase security alert?


Thanks,
Alan

 

[Ken Cox [Microsoft MVP]]

Hi Alan,

Are you using SmartNavigation in the page or referencing scripts that are
outside the Application?

Here's an article on the SmartNav problem:

Error Message When You Submit .aspx Page with SmartNav Under SSL

http://support.microsoft.com/default.aspx?scid=kb;en-us;318320

 

[Ken Cox [Microsoft MVP]]

Are you using frames?

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q184960

 

[A.M]

No, I don't

Are you using frames?

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q184960

 

[A.M]

It is not smartnavigation because the warning pops up on one specific page.
I am pasting the page source at the end of this post:

Thanks,
Alan


=====================================================================

<!-- Template Start-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>Please Wait ...</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema"
content="http://schemas.microsoft.com/intellisense/ie5">
<script language="javascript">
self.focus();

function BeginPageLoad()
{
location.href = "LLViewer.aspx?rid=21";
}
</script>
</HEAD>
<body onload="BeginPageLoad()">
<form name="Form1" method="post"
action="LLWait.aspx?redirect=LLViewer.aspx%3frid%3d21" id="Form1">
<input type="hidden" name="__VIEWSTATE"
value="dDwxNzg0NjA0NTg0Ozs+5wOOcjTIemMpowWPCjq0XgZxlAA=" />

<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P align="center">
<object classid="clsid27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.ca
b#version=6,0,29,0" width="400" height="200" VIEWASTEXT>
<param name="movie" value="/LLC/Images/PleaseWait.swf">
<param name="quality" value="high">
<embed src="/LLC/Images/PleaseWait.swf" quality="high"
pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash" width="400" height="200"></embed>
</object>
</P>
<P>&nbsp;</P>
</form>
</body>
</HTML>
<!-- Template End-->

=====================================================================

 

[Teemu Keiski]

Hi,

the error occurs because browser is fetching content both from secure and
insecure pages. Unless there isn't any clear that comes with HTTP (and uses
SSL that is HTTPS), you just need to remove the HTML snippet by snippet to
test out which part causes the problem.

--
Teemu Keiski
MCP, Microsoft MVP (ASP.NET), AspInsiders member
ASP.NET Forum Moderator, AspAlliance Columnist
http://blogs.aspadvice.com/joteke