Question

Browser warning for non-secure content when using https?

8

I have a project running through IIS with SSL-encryption. So the URL is https://. When I log in, while the welcome page renders, I recieve a browser-security warning. What action can cause this warning? Are there any non-secure transactions between the client and the XAS? The warning occurs right before showing the data and rendering the menu. This is the screenshot:

asked 2009-08-19

Wouter Visser

2 answers

Arjen Hoekstra · Answer 1 · 2009-08-20

All transactions between the browser and the server are secure when using https, so you don't have to worry about that. An explanation for receiving this message is that some resource to which is referred is retrieved without https. For example, this could be an image or some other resource to which a CSS file refers using a direct link with "http://". Are you using a custom theme? Which Mendix version are you using? Do you only experience problems with IE8 or also with other browsers?

Michiel Kalkman · Answer 2 · 2009-08-22

This is probably a bug in Internet Explorer. From the look of your screenshot I would guess that you are running this in IE8 on Windows Vista without a custom theme package.

Internet Explorer has an unfortunate history of being a very, very bad piece of software. Microsoft's recent attempts to revitalize their browser have been hobbled by their lack of commitment to standards and their dedication to legacy code.

I suggest you file this as a bug in MXDN. If it is, as I suspect, an IE issue, it has to be reproduced, isolated and fixed structurally (via the IE checks) in all subsequent Mendix releases.