secure and non secure items message

Discussion in 'Windows Vista Security' started by tim, Jul 19, 2007.

  1. tim

    tim Guest

    Hi,

    I do not know why i am suddenly getting this message "This page conatins
    both secure and nonsecure items. Do you want to display the non secure
    items?"
    as I have not knowingly changed any security settings.

    How do I stop this warning when i open my browser and go to a url ??

    Thanks
     
    tim, Jul 19, 2007
    #1
    1. Advertisements

  2. tim

    Rishi Guest

    Hello,

    Sometimes although pages are encrypted, not all the forms on the pages are
    encrypted, and Internet Explorer just warns you about that so that you know.
    This is a good feature to have when you are shopping online and so on so
    that you can ensure that all forms on that particular page are encrypted.

    If you do want to stop this Open Internet Explorer > Press the Alt key so
    that the menu bar pop's up > Tools > Internet Options > Security Tab >
    Custom Level... > Scroll down to the Miscellaneous section > Where it says
    'Display mixed content change the option to Enable and click OK > Click Ok.
     
    Rishi, Jul 19, 2007
    #2
    1. Advertisements

  3. tim

    dean-dean Guest

    To turn off the warning, on the Advanced tab of Internet Properties (IE >
    Tools > Internet Options), uncheck "Warn about certificate address
    mismatch", under the section labeled "Security" (Apply, OK).
     
    dean-dean, Jul 20, 2007
    #3
  4. tim

    Guest Guest


    That won't correct the problem the original poster was talking about, and
    it's bad security advice in general.

    If a certificate doesn't match the name of the web site, then it's the wrong
    certificate for the web site, and you should assume that your connection has
    been redirected to another site that may be malicious. Don't turn off the
    warning for that!

    The fix for the poster's original question is for the web-site designers to
    ensure that every included component on a secure page is served by a secure
    link. As an example of why this is a bad thing, consider a web form with a
    graphic at the top. If the form is delivered securely, but the graphic is
    not, the graphic could be manipulated inline by a "man in the middle"
    attacker to display instructions to the user - for instance, "Form not
    working - please submit financial details to instead
    of using the form."

    The user will see that they have a secured form, and will presume that the
    graphic is reliable as coming from the vendor.

    Working around this at the client side is not a good security solution.

    Alun.
    ~~~~
     
    Guest, Jul 21, 2007
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.