GoFuckYourself.com - Adult Webmaster Forum - View Single Post - So I finally changed one of my sites to HTTPS...

Bladewire · 02-25-2017, 10:48 AM

html - How to allow http content within an iframe on a https site - Stack Overflow

The best solution I created is to simply use google as the ssl proxy...

Code:

https://www.google.com/search?q=%http://yourhttpsite.com&btnI=Im+Feeling+Lucky

Tested and works in firefox.

Other Methods:

Use a Third party such as embed.ly (but it it really only good for well known http APIs).
Create your own redirect script on an https page you control (a simple javascript redirect on a relative linked page should do the trick. Something like: (you can use any langauge/method)

https://mysite.com That has a iframe linking to...

https://mysite.com/utilities/redirect.html Which has a simple js redirect script like...

document.location.href ="http://thenonsslsite.com";
Alternatively, you could add an RSS feed or write some reader/parser to read the http site and display it within your https site.
You could/should also recommend to the http site owner that they create an ssl connection. If for no other reason than it increases seo.
Unless you can get the http site owner to create an ssl certificate, the most secure and permanent solution would be to create an RSS feed grabing the content you need (presumably you are not actually 'doing' anything on the http site -that is to say not logging in to any system).

The real issue is that having http elements inside a https site represents a security issue. There are no completely kosher ways around this security risk so the above are just current work arounds.

Note, that you can disable this security measure in most browsers (yourself, not for others). Also note that these 'hacks' may become obsolete over time.

02-25-2017, 10:48 AM
Bladewire StraightBro Industry Role: Join Date: Aug 2003 Location: Monarch Beach, CA USA Posts: 56,229	html - How to allow http content within an iframe on a https site - Stack Overflow The best solution I created is to simply use google as the ssl proxy... Code: https://www.google.com/search?q=%http://yourhttpsite.com&btnI=Im+Feeling+Lucky Tested and works in firefox. Other Methods: Use a Third party such as embed.ly (but it it really only good for well known http APIs). Create your own redirect script on an https page you control (a simple javascript redirect on a relative linked page should do the trick. Something like: (you can use any langauge/method) https://mysite.com That has a iframe linking to... https://mysite.com/utilities/redirect.html Which has a simple js redirect script like... document.location.href ="http://thenonsslsite.com"; Alternatively, you could add an RSS feed or write some reader/parser to read the http site and display it within your https site. You could/should also recommend to the http site owner that they create an ssl connection. If for no other reason than it increases seo. Unless you can get the http site owner to create an ssl certificate, the most secure and permanent solution would be to create an RSS feed grabing the content you need (presumably you are not actually 'doing' anything on the http site -that is to say not logging in to any system). The real issue is that having http elements inside a https site represents a security issue. There are no completely kosher ways around this security risk so the above are just current work arounds. Note, that you can disable this security measure in most browsers (yourself, not for others). Also note that these 'hacks' may become obsolete over time.