I have one website which is on https and I want to access RSS feeds from third party http website. However, it is not working. It gives following error:
Blocked loading mixed active content
“http://hub.moderalofts.com/hubsFront/embed_collection”
Anyone has idea how to resolve it?
Related
After installing ssl certification in the website, it is showing a shield symbol with a warning "This page is trying to load scripts from unauthorized sources". How to resolve the issues? Should i change all the http to https through out the project or any other ways are there to resolve this issue?
If you are loading a page on HTTPS all resources should be loaded using HTTPS. No resources will be allowed to load using HTTP if the page was loaded on HTTPS.
This is expected behavior, When your site is hosted with SSL and you are consuming resources the without SSL(i.e. http) than the warning will be shown.
You can handle such scenario by putting URLs without protocol like
//www.example.com
It will automatically take protocol of host.
Deployed application on Heroku (zrecipe.herokuapp.com) but it does not work (work perfect local). Code is at https://github.com/zzheads/RecipeSite.
Development tools shows error message:
Mixed Content: The page at 'https://zrecipe.herokuapp.com/'
was loaded over HTTPS, but requested an insecure script
'http://code.jquery.com/jquery-1.11.0.min.js'.
This request has been blocked; the content must be served over HTTPS.
I think problem is my ajax requests in program are trying load something from HTTP, without SSL, page is supposed to be secure but my app are trying to load non-secured objects. How I can get rid of this?
Please use the -s command line parameter.
We have an SSL content management (vendor) site that is embedded in salesforce via iframe. The vendor has permalinks for a certain subset of pages. We simply have the full link https://test.com/portals/default.asp?perm=2421. Very simple... User clicks on it in Chrome or FF... boom link doesn't work and spits out the mixed content error below. I know this is a vendor issue but how can a browser detect it is going to an http page when the link is https and the final page they would be take to is https?
Mixed Content: The page at
'https://na2.salesforce.com/servlet/servlet.Integration?lid=01r400000001jzz&…15MHlOVlF4TmpveU1Eb3lNQzR5TlRSYSwxSTVmT0xTdzlpNTQ0c2FTTWdWT1JqLFlXWmtNR0po'
was loaded over HTTPS, but requested an insecure resource
'http://test.com/portals/default.asp'. This request has been blocked;
the content must be served over HTTPS.
You are on an https webpage ( https://na2.salesforce.com ) and try to load an http ressource ( 'http://test.com/portals/default.asp ).
Most browser block it for security reason (even if the http request will redirect to https).
I'm using sipml5 to connect to a sip phone service and one of the setting is the service websocket server URL. the problem is that the server url is not secured (ex. ws://123.123.123.123:9999/ws) and it cannot be accessed on wss://. Because of that, when loading my site on a HTTPS connection, the browser blocks the request automatically, it doesn't behave like it does when loading let's say, an image over http, and then shows a warning.
Error is: [blocked] The page at 'X' was loaded over HTTPS, but ran insecure content from 'ws://....': this content should also be loaded over HTTPS.
I need to know if there is a way to make the browser connect to ws:// even though the page initializing the request is loaded over https.
Please help.
EDIT:
What I'm looking for is a flag or something like that, in Chrome or Firefox for example, which lets the user access insecure resources even though the page is loaded on https.
Why you are using http? You can get an ssl certificate from https://letsencrypt.readthedocs.org/en/latest/intro.html
then add the following details to http.conf
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/path-to/cert.pem
tlsprivatekey=/path-to/privkey.pem
I am newbie Parse and I have a problem. I want to use parse classes for dynamic content such as blog posts. Everyting works as expected there is no problem ; but when I try to fetch as google in Google Webmaster Tools it says AJAX blocked. So google will not index this content anyway.
when I follow the link I saw this below.
this is what I see when follow class link
So google crawler try to get ajax content but it comes to it with a ConnectionFailed aka 100 error. (I tested it to show in a label on page what returns in parse query error callback. So I see what renders google)
Am I doing something wrong is this an expected behaviour ?
Anyone knows how to solve this ?
Btw: I am hosting this website on heroku with custom domain over https (with cloudflare dns redirected and free ssl)
I also deployed to Parse Cloud Hosting unfortunately the result is same :(
This is the full result of the Fetch as Google :
full page result of fetch as google
The page at https://api.parse.com/1/classes/GameScore is asking for authentication, and it's throwing a 401 Unauthorized status code for unauthorised requests. That's already a problem.
Besides that, the page at https://api.parse.com/robots.txt is currently showing
User-Agent: *
Disallow: /
Googlebot can't access that page because it's disallowed for crawling in the first place, but even if it could access it, it would run into an authentication gate which it wouldn't be able to pass.
If the content from that URL (https://api.parse.com/1/classes/GameScore) is essential for the page where its referenced/used, you would have to work with Parse to allow crawlers access those URLs.
If it's not essential, then you can safely ignore that warning.