AskApache Logo SSL Content Warning Security Fix

Search AskApache

3 diggs

Updated: Apr 08, 07 | SSL Content Warning Security Fix

« htaccess rewrite, htaccesshtaccess Tricks for Webmasters »

I used to run into the problem of having warning messages pop up when I accessed a page with secure and non-secure information and finally I found something that let me post non-ssl encrypted content on an ssl encrypted page and no warning messages will pop up!


On on of my secure sites, lets say https://www.askapache.com/htaccess/ I wanted to give my visitors the option to post youtube videos and google videos. But then everyone kept seeing the “warning, mixed secure/non-secure content” on a page that had one of these videos.

I basically did a str_replace on all posts text for http://video.google.com and http://youtube.com to change them to https://www.example.com/htaccess/

Then I used the following rewrite code:

RewriteEngine On
RewriteBase /
RewriteRule ^htaccess/googleplayer\.swf(.*)$ http://video.google.com/googleplayer.swf$1 [L]
RewriteRule ^htaccess/youtube/(.*)$ http://www.youtube.com/$1 [L]

and it worked!

But one caveat, this wouldn’t turn the warning messages off in IE < version 7, so I added some simple HTML to the head of all my pages that only show up for people using IE < version 7.

<!--[if lt IE 7]>
<span id="ie7">Please Upgrade:
<a href="http://www.microsoft.com/windows/ie/downloads/default.mspx?mg_id=10013">IE 7!</a>
<a href="http://www.mozilla.com/en-US/">FF!</a></span>
<![endif]“>

Cool huh!

Fix for secure and nonsecure items warning message

Secure Server Certificates available here with 256 bit encryption certs. A trusted secure server authority.

Reader Comments

Skip to form
  1. Cd-MaNJanuary 1, 2007 @ 3:36 pm

    From what I understand you imply that you can use mod_rewrite as mod_proxy. But from my experience this is not true (you can only rewrite to local URLs). Can you confirm / contradict this and eventually give some details (what extra configuration is needed, what version of Apache / mod_rewrite does this work with)?

Comment on "SSL Content Warning Security Fix"

I review each comment that makes it past my crazy-tight .htaccess anti-spam..
Please wrap code/source with <pre>...</pre> tags, (x)html is allowed and encouraged!

« htaccess rewrite, htaccesshtaccess Tricks for Webmasters »

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, which lets you use/modify/re-post this content provided you follow the attribution guidelines in the license.