Home » .Net FrameworkRSS

Connection Partially Encrypted

I have a page uses Master page with CSS and images. The page is on the secure server. However, I kept getting this "Connection Partially Encrypted" on the Firefox side and on the IE side, it kept prompting me with a security warning popup box. How do I track down which images or files that are NOT in the secure server? Another word, I'm trying to fix this problem. How do I go about doing it?

Many thanks for any help.

 

3 Answers Found

 

Answer 1

Just to identify the connection  type for your document data such as images/css/js files  you can use Adblock Plus Extension for Firefox as shown:

Uploaded by CandorZ

You have to configure in IIS to serve images/css/js files as script documents to get them served via HTTPS

 

Answer 2

Thanks for the response but I'm not sure if you understand what I'm trying to do. I'm creating a page  that resides in a secure  site website. Whenever a user access this page, IE prompts with a Security Warning popup  window. How do I figure out which images/js/scripts that's causing this to occur. I just installed the AddBlock Plus addon but I'm not sure how this addon is going to help  me figure out.

 

Answer 3

Click the image to get the full pic, everything is there. It doesn't fits fully in my browser window!

Are you able to get a window frame similar to what I posted, titled "Blockable items on current page"? If not Click the ABP Icon that I have encircled...

Now from the roots to the twigs:

Suppose you want to fetch a page, lets say: https://candorz.asp.net/something.aspx

So how would the browser work? We wont be getting into n/w details so I will skip some unneeded items...

1. It will GET /something.aspx from candorz.asp.net using HTTPS, ok?

The server  will return the page's HTML, say like:

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>
        CandorZ Demo Example
    </title>
    <link href="StyleSheet.css" rel="stylesheet" type="text/css" />
    <link href="http://candorz.asp.net/StyleSheetNew.css" rel="stylesheet" type="text/css" />
    <script src="http://candorz.asp.net/JScript.js" type="text/javascript"></script>
</head>
<body>
    <form name="form1" method="post" action="Default44.aspx" id="form1">
<div>
</div>
    <div>
        <img src="CandorZ.jpg" />
    </div>
    </form>
</body>
</html>

Now the browser after getting this HTML, will search for all the CSS/JS/IMG files  in it

For each file it will make a request to the webserver again. For the above example they can be:

2. It will GET /StyleSheet.css from candorz.asp.net using HTTPS

3. It will GET /StyleSheetNew.css from candorz.asp.net using HTTP

4. It will GET /JScript.js from candorz.asp.net using HTTP

5. It will GET /CandorZ.jpg from candorz.asp.net using HTTPS

So total 5 requests will be made to render the above URL

IE/FF/... will recognize that (3) and (4) are loaded with HTTP for an HTTPS URL so it will show you a warning!


How ABP helps?

It shows you the protocol that is loading the element. I have highlighted the protocol in the "Blockable items on current page" frame's Address. From that you can easily identify which elements are loaded over HTTP only...

Hope this clears out!

See Ya!

 
 
 

<< Previous      Next >>


Microsoft   |   Windows   |   Visual Studio   |   Follow us on Twitter