I am running a website on my local machine ("http://localhost/asdf") and trying to get some file:// protocol links to work. In reality I'm trying to open a folder, not a specific file, but I can't get either to work.
I've put localhost in my "trusted zone", I've tried every combo of "file" ,":", some number of "/" and then a whole bunch of different paths, but encoded and not encoded.
Nothing I do causes anything to open when I click on the link. If I copy the link destination, and paste that in the browser address window, then it works as expected.
Anyone know the secret?
Add your intranet site in the Intranet Zone in Security Tab.
Generally file:/// URLs shouldn't work on pages downloaded via HTTP, that they sometimes work in IE7 and earlier is a security issue.
We found that window.open method using the file protocol in the URL causes the method to fail. Under I.E. the behavior is erratic. In some instances, the object mentioned in the URL is opened but the window object instance is not created. In others, the URL failes to open. In some instances we noted that under Windows 7, the URL opens, under XP it does not. Under Safari,Chrome and Firefox, the URL never opened.
Local server is something different than just file://, that should work in IE as it is. However, if you probably want to check out apache alias and link that folder to your server. Btw, you should not use file protocol anyway, it will not work on production.
Related
In my windows machine I run a simple fileserver that serves certain files from a folder. I access these files via chrome/firefox browsers
For a certain file format (In my case ".bin" file) the xhr request always stalls with a message saying "pending". But If I rename the file extension to ".cbin" and reload the page on browser again it works.
Why are the browsers preventing a certain file to be loaded ? All of this used to work a month back without issues (ie loading the bin files). I have disabled my antivirus too.
Any help would be invaluable. Thanks
After hours of searching on the web and experimenting I realized that the browsers have recently added rules by which they block downloads of certain files (exe,dmg,zip,gzip,bin) etc on a http connection for security reasons.
Hope this will help someone who faces the same issue.
You can read more about this issue here and here.
I have a https site and need to show content from other sites that may or may not be themselves https. Predictably enough, I'm getting warning messages like this in the console...
"Mixed Content: The page at 'https://www.example.com/' (my server) was loaded over HTTPS, but requested an insecure image 'http://www.aninsecuredomain.com/image.jpg'. (not my server) This content should also be served over HTTPS."
(not to the mention the fact that I no longer see the little padlock displayed properly in most browsers who now consider my site's network insecure).
I've read through a bunch of posts on SO on this topic, but I can't seem to find a definitive answer on whether there's anything I can do when I don't own the external servers (so can't guarantee they'll have a https version). Appreciate any thoughts on whether this is possible, and if so how I could go about achieving it!
When you need to include content from another domain in an https webpages you can:
Make the owner of the other domain commit to https by explaining him the security reason behind that
Proxy the content through your website or host it yourself (if you have right to do it)
(If you don't see the padlock anymore it's because your page is no longer secure because it include insecure elements that could have been tempered: it's not they "consider my site's network insecure", it is indeed insecure!)
You should use the // prefix. (instead of http[s]://)
On an https page, the secure version wil be loaded.
On on a plain http page, the plain http version will be loaded.
Edit your theme replacing every occurence of http://fonts.googleapis.com/... with //fonts.googleapis.com/...
I am running a site. Some of its pages are not working in Firefox, but work perfect in Chrome. In Firefox it shows me a gray shield next to the URL and when I click on that shield and manually click on disable protection on this page then my page works fine. So now the problem is that there are many users on my site, and some of them don't know how to do it so I want to handle it on my site so its users don't need to do that.
How can I do it? I Googled and found a setting of Firefox in about:config named security.mixed_content.block_active_content. If we set it to false then it works. So is there a way to do it programmatically or other way so that users just view that page without seeing that shield?
As I understand it, content that is blocked by default by Firefox now is http content that is accessed from an https page. Common types of content that fall foul of this are external stylesheets and images.
As far as I am aware the way to prevent the problem on your site is to make sure that if a page is served by https, any and all other files that it references are also served by https.
Hi Friends,
The reason you see this error in Mozilla Firefox is because your
website is a Mixed Box that is, your website has many internal links
which are not SSL protected.
In order to avoid this error from showing up in Mozilla Firefox you
will have to make sure all the internal links on your website are SSL
protected.
So, Use https:// in your page not http://
I hope I was clear enough in answering your query.
firefox has blocked content that isn't secure means there are some contents on your website are not secure.
I had same issue as my fonts were downloading with http://google.apis.something instead of https
Then I change to //google.apis.something and problem get solved.
To know what is not secure in you website use this link
I made some changes to a CSS file, uploaded it and saw no change. I cleared my browser's cache, repeated the process and still nothing. I also tried another browser and then experimented with other files - all the same result.I then deleted the CSS file altogether - the website still looks the same and I can still see the files in the browser's console.
I can only get results if I actually change the file names altogether (which is really inconvenient). I dont think there is an issue with FTP overwriting the file as there are no errors in FileZillas logs.
Is there another way a website can cache its self? Would anyone know why this is occurring?
EDIT:
I also tried this in cPanel's File Manager and viewed it on another PC - same result
Squid and other web accelerators often sit between a hosted server and your browser. Although they are supposed to invalidate their caches when the backing file changes, that information isn't always sent to specification or acted on properly.
Indeed, there can be multiple caches between you and the server each of which has a chance of hanging onto old data.
First, use Firebug or "Inspect Element" in chrome.
Verify that the css file that the browser is loading the file you think is should load.
Good luck.
Browsers can cache things, did you try SHIFT-F5 on your webpage to force a reload of everything?
Maybe the main server has cached configuration setup to other servers, check with your IT department. If this is the case, you need to tell them to invalidate the cache through all the cached servers.
I had the same issue with fileZilla to solve it you need to clear the file zilla cache or change the name of the files you are uploading.
Open FileZilla and click on the Edit menu.
Choose Clear Private Data.
In the new dialog box, check mark the categories you’d like to clear: Quickconnect history, Reconnect information, Site Manager entries, Transfer queue.
Finally, click OK to validate
This seems like a simple question, but I just can't seem to wrap my head around it...
I have a simple html page. All that html page does is looks to see whether a browser cookie is present, and if it is, it will write a message that says "Found the cookie".
In order for this html page to work, it needs to be opened in a browser using a url that uses a specific domain "mytestsite.org" in the path in order to work. So I want to be able to open that page in a browser using a url like "www.mytestsite.org/mytestpage.html". Easy enough...
When I use this test page locally, I just deploy it to a local JBoss server, then make a mapping in my "hosts" file (I'm on Windows XP), that maps my local IP to "local.mytestsite.org". This tricks the browser into thinking that it is actually getting the page from "mytestsite.org", when it is actually being served by my local JBoss server.
I want to give this html file to another person who is going to use it on their pc. However, they don't have any sort of http server installed, so the little host mapping trick won't work. I don't want to make them go through the trouble of installing a server just to get this test page to work. Additionally, I can't physically put this file on "mytestsite.org".
Any thoughts on how I could open this page through a "mytestsite.org" url through a browser, without actually having it deployed to a server?
Is your test machine with JBoss installed accessible from the Internet? If so, you may ask the other person to add a mapping to their hosts file, that maps local.mytextsite.org to the public IP of your test machine.