davej Posted March 2, 2014 Share Posted March 2, 2014 (edited) This document seems to say that mixed connections can't happen... https://developer.mozilla.org/en-US/docs/Security/MixedContent ...but I'm sure I've had http connections that loaded documents through https links, so how were those documents actually loaded? Edited March 3, 2014 by davej Link to comment Share on other sites More sharing options...
justsomeguy Posted March 3, 2014 Share Posted March 3, 2014 That doesn't say that mixed connections can't happen, it explains the behavior of Firefox if they do happen. The most common problem is when you have a page served over HTTPS but you are linking to content (images, stylesheets, etc) over HTTP. Most browsers will show that as a warning and make you perform some action to see the non-secured content. If the page is served over HTTP and you link to content over HTTPS then most browsers don't care about that. The connection is not encrypted to begin with, so the browser doesn't care if some things are encrypted. The browser has a problem with the initial connection is encrypted, but other requests are not. Link to comment Share on other sites More sharing options...
davej Posted March 5, 2014 Author Share Posted March 5, 2014 (edited) Well, I'm still experimenting. I did find this discussion regarding mixed HTTP -- HTTPS local storage, but it looks pretty confusing... http://stackoverflow.com/questions/10502469/is-there-any-workaround-to-make-use-of-html5-localstorage-on-both-http-and-https ...which may be related to... http://www.nczonline.net/blog/2010/09/07/learning-from-xauth-cross-domain-localstorage/ Edited March 5, 2014 by davej Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now