Re: Is there a way to avoid/security alert box from redirecting to HTTP to HTTPS?

To be clear, the issue is not how to "suppress the security alert box" but
rather "how do I do it correctly to avoid security vulnerability".

There is a good reason that the client warns the user because the server is
about to do something insecure. You should be thinking about how to do it
correctly and securely, not how to suppress the warning.

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//

"Jayanthv" <jayanth.vishnuvardhan@xxxxxxxxx> wrote in message
news:1151949718.667054.280380@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,

I'm still unable to supress the security alert box.. please help me..?
Im' getting the below security alert box message

"Information you exchange with this site cannot be viewed or changed by
others. However there is a problem with the site's security
certificate..

Then

1)....

2)....

3)...

Do you want to proceed?

YES, NO, CANCEL?

I'm getting same message box even though i changed by Internet
explorer->Tools->Internet options->advanced->checked all the 3 security
check boxes under the security tab.

Pleae advice and if possible some code to avoid this security box?

Thanks in advance..





Daniel Crichton wrote:
Jayanthv wrote on 28 Jun 2006 14:45:25 -0700:

I saw some questions and answers which says we cannot supress the
security alert box when redirecting from HTTP to HTTPS?

But i saw many sites are easily redirecting from HTTP to HTTPS without
security alert box..

How can i code such that i should not get alert box from HTTP to HTTPS?

please help me..

As Roger pointed out, the warning is normally when you redirect from
HTTPS
to HTTP.

What is the exact text of the warning message? Have you checked the pages
visible in the HTTPS connection to make sure none of them have full
references to images/javascript files/etc including HTTP:// ? That's
normally the mistake made - when viewing a page over HTTPS with images
being
pulled from HTTP there will be a client warning, as not all the elements
of
the page are encrypted.

Dan



.

Relevant Pages

  • Re: Is there a way to avoid/security alert box from redirecting to HTTP to HTTPS?
    ... I'm still unable to supress the security alert box.. ... But i saw many sites are easily redirecting from HTTP to HTTPS without ... the warning is normally when you redirect from HTTPS ...
    (microsoft.public.inetserver.iis.security)
  • Re: Disable
    ... Hi LuckyStrike I've tried that as well but the security alert I am talking ... > me to eliminate the dialogue box. ... >> That first box is disabled already, but when you move from https to http, ... >> you get a second security alert, that's the one I want to have disabled. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Is there a way to avoid/security alert box from redirecting to HTTP to HTTPS?
    ... security alert box when redirecting from HTTP to HTTPS? ... But i saw many sites are easily redirecting from HTTP to HTTPS without ... the warning is normally when you redirect from HTTPS ...
    (microsoft.public.inetserver.iis.security)
  • SSL Redirect BEFORE Security Alert Popup
    ... Security Alert Popup window is displayed before I can get ... Assume that I need secure.domain.com to be https and ... make both www.domain.com (and cert www.domain.com). ...
    (microsoft.public.inetserver.iis.security)
  • Re: Security Alert Popup Office 2007
    ... The message bar contains the warning as I said, but I can turn that message off from the "trust centre" but it still invokes the security alert when you go to show presentation. ... I don't see why I should hack the registry consent and even if it will cure the pop up, when there should be a way of disabling it. ...
    (microsoft.public.powerpoint)
Loading