html - Https and Http for iFrame

admin管理员组

文章数量:1315364

I have EMI Calculator, Which is working perfectly fine when i use - http:// (Visible) - .html

But when i use https:// -- Nothing is visible .html

Can anyone tell, how can i make it visible over https..

Refernce to each css is here-

1) <link rel="stylesheet" type="text/css" href=".css"/>

2) <link rel="stylesheet" type="text/css" href=".css"/>

3) <script src=".js" type="text/javascript">

4) </script><script src=".js" type="text/javascript">

I have searched over the google, some says its is due to mixed content, then i transferred the each CSS and JS to my server (which is on SSL layer), Still the same error

Some Says, iframe content is not secured and https make the secured layer, so there is conflict..

I just want to display the EMI Calculator in my site using https.

Thanks

I have EMI Calculator, Which is working perfectly fine when i use - http:// (Visible) - http://creditsmart.in/wp-content/themes/voice/emicalc1.html

But when i use https:// -- Nothing is visible https://creditsmart.in/wp-content/themes/voice/emicalc1.html

Can anyone tell, how can i make it visible over https..

Refernce to each css is here-

1) <link rel="stylesheet" type="text/css" href="http://getprogramcode/wp-content/uploads/2015/07/calc-bootstrap.css"/>

2) <link rel="stylesheet" type="text/css" href="http://getprogramcode/wp-content/uploads/2015/07/emistyle.css"/>

3) <script src="http://getprogramcode/wp-content/uploads/2015/07/emicalc-lib.js" type="text/javascript">

4) </script><script src="http://getprogramcode/wp-content/uploads/2015/07/emicalc-main.js" type="text/javascript">

I have searched over the google, some says its is due to mixed content, then i transferred the each CSS and JS to my server (which is on SSL layer), Still the same error

Some Says, iframe content is not secured and https make the secured layer, so there is conflict..

I just want to display the EMI Calculator in my site using https.

Thanks

• html
• https

Share Improve this question asked Feb 28, 2016 at 6:59 Amul BhatiaAmul Bhatia 11722 gold badges22 silver badges55 bronze badges

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 1

Because your server is HTTPS, the only way you can accomplish this is rendering the content on your server or getting the 3rd party to upgrade their server content to HTTPS. It's just the rule of the Internet.

To fix the mixed content issue, pull all the JS and HTML you need into your own server. It's a calculator after all right? Does it need a database? If you need permission then talk to the owner and see if there are options.

I would say change all URLS from http:// to // but you actually want to change EVERYTHING to https:// and if it fails... don't use it.

I've faced a similar problem a while back from a video hosting solution. The only way to fix it was to call the company, set the CDN to HTTPS, and re-transcode all videos which forced the content onto the new secure server.

You just can't embed insecure content into a secure site, for many good reasons...

Why HTTPS for Everything?

Every unencrypted HTTP request reveals information about a user’s behavior, and the interception and tracking of unencrypted browsing has become commonplace. Today, there is no such thing as non-sensitive web traffic, and public services should not depend on the benevolence of network operators. When properly configured, HTTPS can provide a fast, secure connection that offers the level of privacy and reliability that users should expect from government web services.

Prevent mixed content ( google )

Mixed content refers to a webpage where the initial HTML content is loaded over a secure HTTPS connection, but other resources (such as images, videos, stylesheets, scripts) are then loaded over an insecure HTTP connection. This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS. Modern browsers display warnings about this type of content to indicate to the user that this page contains insecure resources.

Mixed content ( mozilla )

When a user visits a page served over HTTPS, their connection with the web server is encrypted with TLS and is therefore safeguarded from sniffers and man-in-the-middle attacks. If the HTTPS page includes content retrieved through regular, cleartext HTTP, then the connection is only partially encrypted; the unencrypted content is accessible to sniffers and can be modified by man-in-the-middle attackers, so the connection is not safeguarded. When a web page exhibits this behavior, it is called a mixed content page.

---

To check for other mixed content on your site you can use a service like Why No Padlock?.

本文标签： htmlHttps and Http for iFrame