Friday, July 31, 2015

What the "Only secure content is displayed" Warning in a Web Browser Means

Have you ever wondered what is going on when you visit a webpage and receive a warning stating "only secure content is displayed" as the page is loading?  This warning is usually displayed on a webpage visiting using Internet Explorer when:
  • The webpage you are visiting is being delivered securely (meaning the URL is using https://mydomain.com)
  • AND there is content somewhere on the webpage being delivered from another location which is not using a secure link (using http://mydomain.com)
The s at the end of http means the content is being delivered securely, aka encrypted, so it cannot be modified by anyone or anything between the requesting user and the responding website.  Here is an example from our website where our recent blog posts are listed on a news page, except the list is being dynamically generated by Feed Burner, a Google service.



If you are familiar with and trust the website where the warning occurs, then the content can be allowed by clicking the "Show all content" button.  If you are concerned about the content, it may be wiser to scroll through the website first.  This will give you an impression of the type of content the website has before allowing any external content to load.  On our website, once the content loads it looks like this:


Every browser handles secure and insecure content differently.  This means some browsers may block insecure content without even prompting you and you may not even know it exists.  In other instances insecure content is automatically displayed without your knowledge or interaction and as the user you will never know.  

One determining factor for delivering external content often surrounds whether the content being delivered is the same as the existing webpage.  In other words both are http, or both are https.  Either way, it is important to remember not to submit any personal information on a page using http://mydomain.com because the information is being sent in clear text just like you are reading this sentence.  This means anyone can capture the data as it travels between you and before it gets to its intended destination.

As always, being informed can make all the difference, especially when it comes to Internet safety!

No comments:

Post a Comment