Sure, make the link point to an HTTPS site with a valid certificate, or use XSS to insert your desired content into an existing (vulnerable) HTTPS site of your choice.
Chris [email protected]@inet wrote on 03.06.2009 23:24:20: > Let's say that I figured out how to inject an iframe into a site, but > the site is all SSL and the iframe content is only HTTP. Is there a > way to properly display that content without the end-users on IE > getting that "This page contains secure and insecure..." modal box? > > -- > - Chris Merkel > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com ---------------------------------------- Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien, DVR 0486809, UID ATU 16351908 Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail dient ausschliesslich Informationszwecken. Rechtsgeschaeftliche Erklaerungen duerfen ueber dieses Medium nicht ausgetauscht werden. Correspondence with above mentioned sender via e-mail is only for information purposes. This medium may not be used for exchange of legally-binding communications. ----------------------------------------
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
