Mixed content when securing a group of domains

cstrickland · June 15, 2017, 10:50am

I am trying to secure an admin domain for a group of websites, each with their own domain, which have not yet been secured using ssl.

Each of these sites should be able to ask for resources from any other in the group, which are currently all serving http. When I secure the admin domain, I get mixed content warnings in chrome, and resources such as css and images are not being loaded from http.

Is there any way of turning off this default behaviour, or do I need to secure everything all at once?

schoen · June 15, 2017, 5:24pm

Hi @cstrickland,

The mixed content blocking behavior is implemented in the web browser, not the server. So you could turn it off in your own web browser if you like, but other people who use the site would still have mixed content blocking enabled by their own browsers.

Edit: e.g. https://stackoverflow.com/questions/18321032/how-to-get-chrome-to-allow-mixed-content (as of a couple of years ago, so this particular method might not work anymore?).

rg305 · June 16, 2017, 1:29am

proxy the http content through your https site
the user will only see your site and only https content

system · July 16, 2017, 1:30am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.