Prev Next

Author: Jesper Jørgensen
Posted: 1/25/2006 10:00:00 AM

If you secure your CMS server with SSL, so that the Client is accessed with for example, https://myserver.com/sitecore in a default IE 6 browser, you will get the prompt: "This page contains both secure and nonsecure items...".   

Our investigations have revealed the following facts regarding this:

• This warning is not raised if you use the Firefox browser.
• If you view the "View/Privacy Report...", you will see that no resources outside the https protocol are accessed.
• Tracing with HttpWatch plugin also reveals that no resources are accessed outside the https protocol.
• There are known issues with IE 6 that for example, special use of IFrames will trigger this promp.
• ...but we were not able to link any of these known issues to how our Sitecore Client works.

Our conclusion on this is that due to the fact that no nonsecure resources are in fact accessed and the warning is not present in Firefox, it is most likely an incorrect behavior that IE 6 raises this warning under these circumstances. At best, we will be able to find a workaround to implement in Sitecore with time.

 

Workarounds:  

1. Disable in IE 6: Tools/Internet Options/Security/Internet/Custom Level/Miscellaneous/Display Mixed Content 
2. Use Firefox or another browser. 
3. Upgrade to IE 7 when it is released*.

*) In IE 7, the setting mentioned in 1) will be default.

 

Prev Next