General discussion

Locked

Unencrypted Info on encrypted web page

By yuemo ·
Sometime when I access a SSL web page, I get a warning message like the encypted web page containing unencrypted information.

This only happens in Netscape or Mozalla, not in IE.

If I look at the page info, everything (all the component pages and images) seems encrypted.

What does this information really means? How could I prevent it?

Thanks!

-Yuemo

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Unencrypted Info on encrypted web page

by TechD00d In reply to Unencrypted Info on encry ...

I normally see this behavior when the site has been built using a frame-set. Secure content will be loaded into one frame but the other frames that make up the page will display the non-secure content(such as a page header or nav-bar). The message also usually gives the user an option as to whether or not to display the non-secure content. Try telling the browser that you don't want to display the non-secure content and see what doesn't show up ; )

Collapse -

Unencrypted Info on encrypted web page

by TechD00d In reply to Unencrypted Info on encry ...

Well, the message I usually see is something like (and I'm paraphrasing) "This page contains both secure and non-secure items. Do you wish to display the non-secure items?" If that is the message that you are getting, then click "No" and see if the content that you are concerned with displays properly. If you still see the form, then I would say that you are secure. Of course, always check for the padlock in the bottom status line of your browser. And if you want to test it, just enter some bogus info and observe the entire process. Without knowing the exact site that we are discussing, I probably can't give a more exact answer than that. However, always remember that there is more involved in security than technology can ever address fully. In any process in which humans are involved there will always be weaknesses in the security model that can't be fixed by technology alone. You must always factor in the reputation and history of the site that you are dealing with. As a general rule, giving your credit card info to a web site is inherently safer (or at least just as safe) as giving your credit card to a waiter and watching him disappear into the back room to total your check

Collapse -

Unencrypted Info on encrypted web page

by yuemo In reply to Unencrypted Info on encry ...

Thanks for your comments.

The message you mentioned appears in IE sometime as I recall. It does not apply to my case.

When I submit a form, the following message appears in Netscape: "Warning! Although this document is secure, the information you have submitted is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancell the submission." This message or the one you mentioned does not appear in IE.

Actually we host such a web site, and the code is developed by another company. I will contact the developers regarding this.

I will close this question. You may send your comments to me at yuemo@yahoo.com.

Thanks again!

-Yuemo

Collapse -

Unencrypted Info on encrypted web page

by yuemo In reply to Unencrypted Info on encry ...

The site does have frames. So that probably is the cause. The scare part is that when you type in something in a form, the warning message comes up. IE does not have such a behavior. The bottom line questions will be that is this still secure if youignore the message?

Thanks!

Collapse -

Unencrypted Info on encrypted web page

by yuemo In reply to Unencrypted Info on encry ...

This question was closed by the author

Back to Security Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums