Is it really a security problem to have non secure assets on an ssl page?

Posted by blockhead on Pro Webmasters See other posts from Pro Webmasters or by blockhead
Published on 2011-06-20T11:54:42Z Indexed on 2011/06/20 16:39 UTC
Read the original article Hit count: 241

Filed under:

My understanding is that this is just an example of being overly cautious, but if my checkout form contains an unsecure asset on it, that doesn't endanger anybody's credit card numbers from being caught by a man-in-the-middle.

I'm asking this because every once in while, maybe because of cached content or whatnot, somebody writes in saying that they are seeing this "error" (even though there are no unsecure assets on my page), but they want an explanation.

So yes, I can tell all about encryption and certificates and trust and men-in-the-middle. But what do I tell them about this. How do I convince them that the site is 100% safe (and if it isn't let me know that I'm mistaken!)

© Pro Webmasters or respective owner

Related posts about ssl