You opened your website to see how fascinating it looks (from user point of view). You are tempted to set on with business as now you have secured your website with world’s most convenient and trusted technique ‘SSL certificates’. In-between this, a dialog box pops-up displaying the error message “This page contains secure and non-secure items. Do you want to display the non-secure items?” Your all excitement fades away because this error message has the potential to reduce the trustworthiness of your website.
Why The Browser Does Show Such Type Of Error?
There is nothing serious to be worried about in this case. It is just that the website sometimes contain elements which is not secured i.e. “not https” within a secured page “https”.
Usually, unsecured elements may constitute of images, frames, iframes, Flash and JavaScripts.
All you need to do is to find such elements from the page either manually or using a tool like: WhyNoPadlock.com.
Solution:
A few ways to solve the above problem are stated below:
1) You can change all the URLs to https
For this open the problematic page and look for “http://” and change all the references of the images, iframes, Flash and JavaScripts to “https://”.
As for example:
<img src=“https://www.domain/image.gif” alt=“example”/>
Note: This solution is not valid for the image downloaded or copied from another website which is not secured with SSL. Due to this method you will be able to load the images even when the client will be loading the image from the unsecured page.
This will increase the load on the server and the client which is not recommended for a big site.
2) Make the links // or make them relative
To get rid of the problem you can opt to change all the links to just “//” instead of making them “https”.
<img src=“//www.domain.com/image.gif” alt=“example”/>
Also if the images or scripts lay on the same domain, then make them accessible relatively and not absolutely:
<img src=“image.gif” alt=”/>
The above code will load the image securely if the web page is secured and if the page is not secured it will load it normally.
3) Change the settings of the browser
Definitely changing the code of the issuable page is the best option but what if you do not have access to change it? In such case you can get rid of the error by following the below steps:
- In the settings of the browser, select the Internet Options from the Tools menu.
- Click on the “Security” tab and later on the “Custom Level” button.
- Go to the end of the page and you will find an option stating “Display mixed content”. Select “Enable” radio button.
- Click the “Ok” button and in the “Security Warning” pop-up click yes.
