codeigniter -’secure, non-secure content’ pop up message in IE7
April 11, 2009
While doing my Project with Codeigniter I face a very disgusting problem. My developed site’s some pages are HTTPS, and other parts are HTTP. When I try to access the HTTPS page in IE it shows a pop up message telling
”This page content secure & non-secure content……!”
It was really very much annoying. I tried with many ways. After a lot of cost, I successfully solve this problem. Now, I want to share my words how you can you stop this irritating pop up message.
There are actullay two ways,
- Manually way: change the setting of your IE browser.
- Dynamic & efficient way:
Manual way you will find in google. So, don’t want to discuss about that. I am interested to share 2nd option. Because, manually changing the browser setting is not an proficient way and not a good solution. If you tell every visitor to change the setting, visitor will never back to your site. So, a good programmer will never do that.
Anyways, just come to the point. How can we solve this problem?
- If there is any <iframe src=”"
- Replace it to <iframe src=” javascript:void(0)”
- If there is <link href=http://server_name.com/system/application/css/style.css
- Replace it with <link href=https//server_name.com/system/application/css/style.css
- If there is <script type=”text/javascript” src=”http://system/application/css/swfobject.js”></script>
- Replace with <script type=”text/javascript” src=”https://server_name.com/system/application/css/swfobject.js”></script>
For codeigniter you will not able to write the URL directly. So, you have to take the “base url” dynamically. For all non-secure pages base_url will be HTTP. and for all encrypted page, base_url will be HTTPS.
Like: for encrypted pages, $base_url=https://server_name.com/ and
for non-secure pages, $base_url=http://server_name.com/
‘<?php echo $this->config->slash_item( $base_url ); ?>
Entry Filed under: codeIgniter, htaccess. Tags: codeIgniter.
2 Comments Add your own
Leave a Comment
Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
Trackback this post | Subscribe to the comments via RSS Feed
1. Phil | April 11, 2009 at 2:45 pm
I’ve solved this problem in one of 2 ways:
1) Edit the base_url in config.php to always use the current protocol
$config['base_url'] = (strtolower(substr($_SERVER["SERVER_PROTOCOL"],0,5))=='https'?'https':'http' ) . '://server_name.com/';
2) If you want to selectively control which links are http and https, then leave the base_url as http, and create a helpers for functions like site_url and anchor specifically for https. This is the method I prefer, but you’d have to do this for every helper function that you’re using which on a secure page.
function secure_anchor( $uri, $text='', $attributes='' )
{
return preg_replace( '/^https?/', 'https', anchor($uri,$text,$attributes));
}
Either of these should solve your problem.
*** None of the code above was tested, pardon any typos***
2. Sabrina | April 11, 2009 at 10:37 pm
well, I also edit in base_url & site_url to maintain the whole site’s HTTP & HTTPS.. but, HEADER and FOOTER are common. and thats why it need to be dynamic. otherwise it shows this kind of irritating message.