Disable IE Security Warning HTTPS

Portal Home > Knowledgebase > SSL Certificates > Disable IE Security Warning HTTPS

A default installation of Internet Explorer has some security settings that can be annoying at times though technically they are the correct way to have things configured. One that will pop up a lot if the default settings is left untouched the the display of “mixed content” or display a HTTPS URL that has HTTP content mixed into it. Technically when visiting a secure webpage being delivered over SSL there should not be any HTTP items on the page as it leaves the door open for a security breach. The problem is there are a ton of web sites out there that display mixed content.

Error message in IE 7 and earlier:

"This page contains both secure and nonsecure items"

Error message in IE 8:

"Do you want to view only the webpage content that was delivered securely?"

This problem arises when an https-enabled page includes http content like images. Different browsers and browser versions provide varying security alerts.

This prompt can either be disabled to never ask and at the same time never show non secure content on secure pages or you can enable the ability for the browser to display mixed content on secure pages.

To disable the display of mixed content prompt go to:

Internet Options > Tools in the top navigation and select Internet Options from the drop down

Custom Level Security: Now click on the Security tab and then click the Custom Level button near the bottom of the Security tab

Modify Mixed Content Prompt: Scroll down to the Miscellaneous section where you can select Disable, Prompt, or Enable for the “Display mixed content” option as shown in the below image

Save Settings: Once you have made your selection click the OK button, then the Apply button, and then the OK button to close Internet Options.
Restart your browser for the changes to start working. You will no longer get the prompt if you changed to Disable or Enable however if Disable was selected some pages may be missing images or other objects. If you did select Disable know that you made the correct choice when it comes to being secure online.

For web sites owners with SSL (HTTPS) sites

This happens when some part of the webpage tries to load content from a nonsecured source of another webpage. This content could be JavaScripts, images and/or even frames within the webpage.

Example:

If you look at the source code for a secure webpage (address bar contains https:// in the beginning).

This tag in a secured website may cause the error message to display. If you click on 'No', the website will still be secured, however the image may not display to keep the website secured. When you are dealing with an entire frame or even the CSS (Cascading Style Sheet) being pulled from another place that is unsecured, clicking on 'No' will completely distort the webpage. There are a few solutions to try when fixing this, however as the possibilities are endless, this article will only focus on the above string to give the reader an idea on what could be causing the issue.

Solution 1 - Change the links to https://

Whenever you see http:// in the source code, you should change it to https://

This method however may not work if the webpage that the image is being loaded from does not have an SSL Certificate installed on it. This method also loads the SSL images when the client is loading from a nonsecure page. This will provide a longer processing load on both the client and the server meaning that solution 1 is not recommended for a high volume site.

Solution 2 - Change all the links to //

Instead of changing the source code from http:// to https://, change them to just //

Solution 3 - Make the links relative

Providing that all the images are located within the same domain, you can access them relatively, rather than absolutely.

Add to Favourites Print this Article