I have a site that is developed on HTTP, and later moved onto HTTPS. And it was throwing security warnings “This page contains both secure and nonsecure items”. Took me about an hour and a half to nail the cause down. Because all the conventional weapons I use were not able to find anything wrong. There was no HTTP request coming from this HTTPS page.

Had to resort to the tried and true basic method of elimination and divide-and-conquer.

The culprit was Firebug-Lite. Once it was commented out, the security warning no longer pops.
Suspected href=”javascript:void(0);”, and that was not the cause.

Changed all “http://” references to “https://” in all documents including the scripts files, and no, that did not help. Actually they did not matter.

Changed the http reference to https in the doctype declaration, and it turns out that that did not matter actually.

The only thing that mattered was Firebug-Lite.

  • Digg
  • del.icio.us
  • StumbleUpon
  • Sphinn
  • Facebook
  • Mixx
  • Google Bookmarks
  • Haohao
  • LinkedIn
  • Live
  • MyShare
  • MySpace
  • Reddit
  • Technorati
  • TwitThis

Related posts:

  1. Nonsecure Content Alert in IE
  2. Google Bar Causing Flash Video Page Script Error
  3. Javascript Functions Appear to Be Undefined to IE
  4. setInterval and Firefox
  5. Danger of Using Dreamweaver’s Auto Update When Moving Files and Folders

Tags: , , , , , , ,

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="">