SSL showing non-secure in some browsers?
I have had a few cases recently where a customer will complain about a specific browser giving them a non-secure connection, or mix-ed mode error on some browsers. Most commonly, older versions of IE are the culprits, but I have seen a case where Firefox 4 showed a page as non-secure while IE8 and 9, Chrome and Safari all had no issues with it. When your customers are banks, you want to make sure even their customers running obsolete IE6 and IE7 browsers see the padlock, despite the other mountain of issues involved with supporting older browsers.
Any one little item can be the culprit. Some browsers don't consider certain connections to be an issue, while others do. The obvious things to check first are script source paths for js libraries, etc... Make sure those are using https. As of the time I am writing this, embedded Google maps cannot be on an SSL page.
However, when all else fails and you find yourself sifting through nested js files and searching for image source paths that might lead to the problem, there is a better way. It's called Fiddler.
Fiddler (2) is a web debugging proxy tool. You basically install it (Windows only) and then fire up a browser. Every connection established by your browser will show up as a line item. The secure connections have a padlock. You can quickly isolate which item is causing your mixed-mode or non-secure connection.
It sure saved me a lot of time and its usually the first thing I run to now when I have an inconsistent SSL / mixed-mode issue.
Any one little item can be the culprit. Some browsers don't consider certain connections to be an issue, while others do. The obvious things to check first are script source paths for js libraries, etc... Make sure those are using https. As of the time I am writing this, embedded Google maps cannot be on an SSL page.
However, when all else fails and you find yourself sifting through nested js files and searching for image source paths that might lead to the problem, there is a better way. It's called Fiddler.
Fiddler (2) is a web debugging proxy tool. You basically install it (Windows only) and then fire up a browser. Every connection established by your browser will show up as a line item. The secure connections have a padlock. You can quickly isolate which item is causing your mixed-mode or non-secure connection.
It sure saved me a lot of time and its usually the first thing I run to now when I have an inconsistent SSL / mixed-mode issue.
Comments
Post a Comment