Content on Non-Secured Site When Browsing Secured Web Application or Web Site

Nothing frustrates me more as when I try to login on a secured site and images, CSS, javascript files, and other content files are not secured. For instance, I went to retrieve/reset my password on last.fm and found this:

error

A general rule of thumb is that your content should be hosted on a self-hosted or third party content delivery network (CDN) on both HTTP and HTTPS protocols. Secured pages should only reference HTTPS linked files.

var dzone_url = ‘http://weblogs.asp.net/jgaylord/archive/2009/06/15/content-on-non-secured-site-when-browsing-secured-web-application-or-web-site.aspx’; var dzone_title = ‘Content on Non-Secured Site When Browsing Secured Web Application or Web Site’; var dzone_blurb = ‘Content on Non-Secured Site When Browsing Secured Web Application or Web Site’; var dzone_style = ‘1’;

Leave a Reply

Your email address will not be published. Required fields are marked *