Is it really a security problem to have non secure assets on an ssl page?
Posted
by
blockhead
on Pro Webmasters
See other posts from Pro Webmasters
or by blockhead
Published on 2011-06-20T11:54:42Z
Indexed on
2011/06/20
16:39 UTC
Read the original article
Hit count: 241
ssl
My understanding is that this is just an example of being overly cautious, but if my checkout form contains an unsecure asset on it, that doesn't endanger anybody's credit card numbers from being caught by a man-in-the-middle.
I'm asking this because every once in while, maybe because of cached content or whatnot, somebody writes in saying that they are seeing this "error" (even though there are no unsecure assets on my page), but they want an explanation.
So yes, I can tell all about encryption and certificates and trust and men-in-the-middle. But what do I tell them about this. How do I convince them that the site is 100% safe (and if it isn't let me know that I'm mistaken!)
© Pro Webmasters or respective owner