[Catalyst] Re: Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)
On Mon, 21 Feb 2011 15:15:17 +, Carl wrote:
I recommend you try viewing the page in a browser that will let you
see all network requests - e.g. firefox with the firebug plugin
running.
Another nice tool is included in Chrom{e,ium} under Tools → Developer
Tools, where - if you load an https-page, you get a little warning-sign
and a number in the bottom-right corner, which, when clicked, pops up a
list showing exactly what Chrome{e,ium} fetched that was insecure.
Example screenshot:
* http://koldfront.dk/misc/browsers/chromium-insecure-content.png
Best regards,
Adam
--
Examination and mastering of a new highly Adam Sjøgren
intellectual equipment was a hard labour. a...@koldfront.dk
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)
Okay -- we'd tried this approach using Chrome already, and it is not showing
*any* http:// requests from the https:// page.
Life HTTP Headers (FireFox) shows either https://server.name/path requests
or server-relative /path requests. Period.
Same url, yet internet explorer complains... I've got a knack for finding
weird stuff like this. Anybody else seen this?
On Mon, Feb 21, 2011 at 3:38 PM, Adam Sjøgren a...@koldfront.dk wrote:
On Mon, 21 Feb 2011 15:15:17 +, Carl wrote:
I recommend you try viewing the page in a browser that will let you
see all network requests - e.g. firefox with the firebug plugin
running.
Another nice tool is included in Chrom{e,ium} under Tools → Developer
Tools, where - if you load an https-page, you get a little warning-sign
and a number in the bottom-right corner, which, when clicked, pops up a
list showing exactly what Chrome{e,ium} fetched that was insecure.
Example screenshot:
* http://koldfront.dk/misc/browsers/chromium-insecure-content.png
Best regards,
Adam
--
Examination and mastering of a new highly Adam Sjøgren
intellectual equipment was a hard labour. a...@koldfront.dk
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive:
http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
--
The first step towards getting somewhere is to decide that you are not going
to stay where you are. -- J.P.Morgan
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)
will trillich wrote on 2/21/11 5:50 PM: Okay -- we'd tried this approach using Chrome already, and it is not showing *any* http:// requests from the https:// page. Life HTTP Headers (FireFox) shows either https://server.name/path requests or server-relative /path requests. Period. Same url, yet internet explorer complains... I've got a knack for finding weird stuff like this. Anybody else seen this? I've been bitten by this when the .js or .css I am loading will load an img. E.g., ExtJS loads a s.gif file by default from http and I have had to edit the .js file(s) to use a https version instead. -- Peter Karman . http://peknet.com/ . pe...@peknet.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
