Stop the "page contains secure and nonsecure items" warning

Are your SSL web pages plagued by the browser warning "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?"

Do you want to display nonsecure items?

This is a common error that occurs when some element on a secure web page (one that is loaded with https:// in the address bar) is not being loaded from a secure source. This usually occurs with images, frames, iframes, Flash, and JavaScripts. If you are having trouble finding what elements are loading from http instead of https, try WhyNoPadLock.com. Once you found the elements, there are a few ways to fix them:

1. Change all URLs to https

Just open up the offending web page and search for http://. Change the references on all images, iframes, Flash, and Javascripts to https://. For example.

<img src="https://www.domain.com/image.gif" alt="" />

This may not work if you are loading an image from another site that does not have SSL set up. Also, with this method you'll be loading SSL images even when the client is loading from a non-secure page. This will add extra processing load on the server and client. This is definitely not recommended for a high volume site.

2. Change all links to // or make them relative

Rather than changing all the links to https://, change them to just //

<img src="//www.domain.com/image.gif" alt="" />

Alternatively, if the images or scripts are located on the same domain, you can access them relatively, rather than absolutely:

<img src="image.gif" alt="" />

Using this method, the browser will know that it must load the image securely if the web page is being loaded securely but it will also load the image normally if the page is not being accessed securely. The image will still need to be available on the other server securely. This is likely the best method of getting rid of the pesky "Do you want to display the nonsecure items?" warnings.

3. Change the browser settings

It is best to change the code of the page that is giving the error, but if you don't have access to change the code, you can always tell your personal web browser not to display that message. To do so follow these steps for Internet Explorer:

  1. Go to Tools, Internet Options.
  2. Select the "Security" Tab and then click on the "Custom Level" button.
  3. Scroll down until you see the option: "Display mixed content". Select "Enable".
  4. Click Ok. Then you will get a "Security Warning" pop-up. Click Yes.

One common reason that this warning shows up is using normal Google Analytics code on a secure page. It is a simple fix to enable Google Analytics on a page using SSL.

Digg del.icio.us Reddit

Posted on September 07, 2007
Showing comments 1 to 20 of 49 | Next | Last
sinisa
Posts: 46
Comment
Re: Stop the "page contains secure and nonsecure items" warning
Reply #49 on : Tue May 14, 2013, 04:27:16
Thanks a lot.i read this webpage and stupid prompts is disapear.
Becky
Posts: 46
Comment
THANK YOU!!!!!
Reply #48 on : Wed March 27, 2013, 07:36:55
This has been driving me crazy for months. Option #3 worked for me. Thank you so much for posting the solution!
T.J.
Posts: 46
Comment
security pop ups/sec/non secure items
Reply #47 on : Wed January 11, 2012, 04:59:11
Thanks loads, it drives you mad when they keep popping up
Hannah
Posts: 46
Comment
Re: Stop the "page contains secure and nonsecure items" warning
Reply #46 on : Thu January 05, 2012, 13:17:43
Option 3 worked. Thanks so much!!!
Mad Eddie
Posts: 46
Comment
It is a chrome bug
Reply #45 on : Wed November 30, 2011, 05:54:51
Chrome reports relative URLs als insecure.
Even when these URL's are relative to the current HTTPS page you are on and coming from the same site and trough the same SSL as the page you are viewing.

Infact.
When i make a page wich contains only the text 'test'. a plain HTML file with only the word 'test' and NOTHING else. It still flags it.

(Maybe related to chrome plugins we have installed?)
Jatinder
Posts: 46
Comment
any solutions with coding?
Reply #44 on : Tue October 18, 2011, 07:02:06
How we can achieve same with javascript or jquery.
hitesh
Posts: 46
Comment
Re: Stop the "page contains secure and nonsecure items" warning
Reply #43 on : Wed October 05, 2011, 02:02:24
In my site there one external css & js which is creates problem for me in HTTPS, and i can’t remove that because it is important, and also not able to download and set it up on my site…
They are also not provide css & js with https code…

So what to do? Please give me solution…
Thanks…
Robert
Posts: 3
Comment
Re: Stop the "page contains secure and nonsecure items" warning
Reply #42 on : Thu September 15, 2011, 06:56:18
Hi Hitesh,

You will either need to remove the items that can't be loaded from a secure https source or ask the site owners if they can set up https on their site.
hitesh
Posts: 46
Comment
Re: Stop the "page contains secure and nonsecure items" warning
Reply #41 on : Thu September 15, 2011, 06:42:39
Hi,

I have a one problem in my site for ssl, i remove all the absolute path and give relative path to all images and css, but there are few images & js which is coming from other site, so that's why it is gives me warning. And those sites are not ssl enabled so i m not able to give https:// for external images & js.

Thanks.
Sarah
Posts: 46
Comment
Relative links
Reply #40 on : Thu September 15, 2011, 06:16:58
I have a website that is using a lot of relative links, which I believed would mean this was not an issue, however the items being linked to are being reported as coming from http and not https :(

Any thoughts?
dapogz
Posts: 46
Comment
SOLUTION No2. Works great
Reply #39 on : Wed September 07, 2011, 03:06:03
even though this is an old thread THIS still ROCKS..

THANKS...
Andrea
Posts: 46
Comment
Re: Stop the "page contains secure and nonsecure items" warning
Reply #38 on : Sat July 02, 2011, 08:34:21
Thank you so much....I have been looking at my internet options to eliminate these pop-ups for awhile now!
Nelson
Posts: 46
Comment
Site Tests OK for all but Google Chrome
Reply #37 on : Tue June 14, 2011, 15:18:42
I have a public page as https:// that tests just fine at www.whynopadlock.com. But Chrome v.12.0 using Mac OS 10.6.7 is reporting that non-secure items are being sent. All other browsers are not complaining. Is there a web tool that will see what Google Chrome is seeing? I did report the issue to Google using the Report-an-issue ... tool at the Help menu item.
Tony CL Chan
Posts: 46
Comment
Pay special attention to "http://"
Reply #36 on : Fri April 29, 2011, 03:54:03
If your page is using HTTPS, pay special attention to search your code to find any line hard coded "http://", this is the reason why you will have mixed secure and non-secure content.
Dm
Posts: 46
Comment
empty src
Reply #35 on : Fri April 29, 2011, 02:46:04
Hi all!

This secure message happens because src="" in my empty IFRAME tag in my case.
John
Posts: 46
Comment
where the code?
Reply #34 on : Sun April 10, 2011, 16:50:17
I have same issues in my secure sites.

Using the WhyNoPadlock website, I got the insecure URLs.

Now where should I look for this code?. For Contact, I looked at Contact-form.php files, but I could not find the '<img src= ' Where should I find that code, so that I could change it as advised here?
ezhumalai
Posts: 46
Comment
SSL Secure and Non Secure alert warning
Reply #33 on : Fri April 01, 2011, 06:25:14
Hi currently i am facing SSL Secured Warning as
" This page contain both secured and nonsecuerd. do u want to continue" Error in IE6..I changed all the images and Css and javascript URL to Https: but still am getting this Error in IE6...But same site when i browsed through IE7..its working fine..but i have problem in IE6..please can anyone help on this..
Rob Mangiafico
Posts: 46
Comment
Easy way to check if all items secure
Reply #32 on : Tue March 29, 2011, 12:31:55
One easy way to see if all the items on an SSL page are secure is to paste the https URL into the service at:

http://www.WhyNoPadlock.com/

It will analyze all the content on the page to verify all items are called securely, including css, JavaScript, images and even 3rd party SSL certificates for remotely called items.
Saurabh
Posts: 46
Comment
Thank you
Reply #31 on : Mon February 28, 2011, 10:05:43
Thank you so much for this. I was going insane with those stupid prompts.
John
Posts: 46
Comment
Great
Reply #30 on : Fri February 18, 2011, 11:32:53
Thanks Mate. You totally kept my sanity. I was ready to start hitting my monitor lol
Showing comments 1 to 20 of 49 | Next | Last

Write a comment


If you have trouble reading the code, click on the code itself to generate a new random code.
Security Code:
 
Post Comment