I have an existing iframe application (php) that pulls in another web address. The problem is that the iframe is being utilized on an https site and pulling in a http site. Everything was working great but now some people are experiencing the browser blocking unsecured content and it just loads a white page rather than the pulled in content.
Is there a way to force browsers to load unsecured content into the https page without each user having to check “yes, allow content”.
The iframe content will also have to be loaded via HTTPS in order to supress the warning prompt. I’m not 100% sure if the iframe has to also use the same certificate as the main page or not, but from what I recall, I’m pretty sure that may be the case.
What CP described is an intentional security feature coded into browsers.
The only way for you to STEAL the content off the other website and post on yours is to read() the content then output as if it’s yours. Frankly, that’s PIRACY and frowned upon (ILLEGAL). In other words, link to the other website and let them display their (COPYRIGHT) content.
If you are not able to deliver the content in the iframe across a SSL connection, then you should consider if you really need SSL on your page, since as some of your members has experienced some browsers will throw security errors.
No, it is enough that it is using a valid SSL certificate, it does not need to be the same one as the main page.
Too true! However, the OP did not say what content he will post (as his own?) on his website so the legal implications of using captured content needs to be addressed (to prevent newbies from becoming wannabe pirates).
Once past the legal issue, it’s actually a better question as to why SSL is required on a page which “must (?)” display non-SSL content.