You are viewing limited content. For full access, please sign in.

Question

Question

Only secure content is displayed

Forms
Updated August 16, 2019
asked on July 26, 2019

Hi, 

 

One of my customer's is having an issue with their form when using it from IE. It displays a message at the bottom of the page that says "Only secure content is displayed." The site is protected with SSL. Can someone please let me know if it's possible to prevent this message from being displayed? Thanks in advance. 

 

Brian 

 

secure content displayed.jpg
secure content displayed.jpg (3.74 KB)
Download
0 0

Answer

SELECTED ANSWER
replied on August 15, 2019

That's the Forms notification service.

1 0

Replies

replied on July 26, 2019

The site is protected with SSL. Can someone please let me know if it's possible to prevent this message from being displayed? 

 

  1. Don't use IE
  2. Check the IIS site bindings to ensure only https traffic. 

 

... or disable the display mixed content prompt in IE security.  Seriously don't use IE. 

 

0 0
replied on July 26, 2019

You can open the browser's web tools and see what it's trying to load over HTTP. It's possibly a background image or something like that referenced directly with a HTTP URL.

0 0
View 6 previous replies
replied on August 8, 2019

Thanks, Miruna. If there's no external HTTP sites referenced for images, are there any other possibilities? 

0 0
replied on August 8, 2019

Someone at the customer site with experience with this message chimed in with this below, but I'm not sure what to make of it since no external images are being referenced in the form, and I don't understand how to get it to automatically rewrite. 

 

For web applications to remediate mixed content errors, the two methods that I'm aware of are:

  1.        Load all resources via HTML source instead of specifying the HTTP or HTTPS protocols. For example:

Use “//domain.com/path/to.file” instead of “http://domain.com/path/to.file

  1.       OR, the CMS or application can use a plug-in to automatically rewrite HTTP resources to HTTPS
0 0
replied on August 9, 2019 Show version history

Right, those are the generic mitigation steps for mixed content warnings. But in order to rewrite paths, you need to find them.

If you look in your browser's developer tools when you load the page, it should show something like this:

That should point you in the right direction for finding the culprit.

The screenshot above is from Chrome. IE is not as obvious about it: you get a message in the console tab, but you have to hunt down the file on the Network tab

0 0
replied on August 9, 2019 Show version history

Thank you. This is very helpful. I checked the Console and Network tabs and I did not see a mixed content warning despite getting it at the bottom of the page.
On the network tab, everything that is listed there has HTTPS and there are no HTTP instances listed. So I'm not sure at this point what could be causing this message. Also, this is only being displayed when a user clicks on a task in the inbox and the form opens for approval.

0 0
replied on August 9, 2019

So that's where you'd want to look at the calls in the developer tools. The form might be using a JavaScript file or something like that referenced directly from another website.

0 0
replied on August 9, 2019

I checked the java script and there's no references to http. Please see screen shot. Also, a co-worker says that she gets this message just from going to the forms inbox, but this message only appears for me when I open a form to approve. 

Java Script.jpg
Java Script.jpg (65.85 KB)
Download
0 0
replied on August 9, 2019 Show version history

My co-worker was able to find this message. Any idea where we can find where this URL to update it to the FQDN so that it will work with our cert? Thanks 

HTTPS Security is comprimised.PNG
HTTPS Security is comprimised.PNG (100.6 KB)
Download
0 0
SELECTED ANSWER
replied on August 15, 2019

That's the Forms notification service.

1 0
replied on August 16, 2019

Thank you, Miruna. I did just need to click the check box for Use SSL on the Notification Service tab of the configuration. 

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...