Tuesday, March 8, 2011

Development: setting up an HttpProxy to read an image over a mixed content connection

The problem is to avoid the "To help protect your security, Internet Explorer has blocked this website from displaying content with security certificate errors. Click here for options..." slide-down error in IE 8. This is a really confusing pop-up in IE 7.
This happens when a secure page viewed over an https connection has some content delivered over an http connection.
To find the culprit content, open the page either in Chrome with the developer tools (keyboard shortcut Ctrl+Shift+I) or in Firebug in Firefox. Go to the "Console" tab in the Chrome dev tools or the Net tab in Firefox. The content being delivered over http should be visible once you sort the requests by host/domain.


The way around the error is to move all of this content to a secure connection.


Now there are some situations in which you cannot get content, especially images, to come over a secure connection, namely content being delivered by a third party, e.g. Facebook, sharing sites, CDNs. To get around this you need to create a local proxy that fetches the content server side from the third-party URL over an insecure connection and then streams it to the user.
To build a solution to this problem in .NET C#, follow the solutions mentioned at the following URLs.
You could customize your solution based on the type of content you need to proxy.

Another issue you would face is the .NET security requirements not being met, which throws the exception "Could not establish trust relationship for the SSL/TLS secure channel". The solution to this is to replace https with http in your proxy. There is a minor security concern here, since you are requesting content over an insecure connection that is eventually delivered to a secure page. You need to validate the content being delivered to the user to ensure it is not malicious.
Another way around this is to follow the link below.
The CheckValidationResult method, which returns true by default, needs to be modified to actually validate the certificate, or to make sure that the host delivering the content is at least a trusted one.
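
The checks described above, combined into one server-side fetch helper. This is an added example, not code from this post or from the linked solutions: the class name `ImageProxy`, the host `images.example.com` and the 2 MB limit are assumptions, and it uses `ServicePointManager.ServerCertificateValidationCallback` in place of a `CheckValidationResult` policy class.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Net.Security;

public static class ImageProxy // hypothetical helper name
{
    // Constructed allowlist: replace with the third-party hosts you proxy.
    static readonly HashSet<string> TrustedHosts = new HashSet<string>(
        StringComparer.OrdinalIgnoreCase) { "images.example.com" };
    const int MaxBytes = 2 * 1024 * 1024; // assumed size limit

    // Process-wide setting: accept a certificate only when validation
    // found no errors, instead of returning true unconditionally.
    static ImageProxy()
    {
        ServicePointManager.ServerCertificateValidationCallback =
            (sender, cert, chain, errors) => errors == SslPolicyErrors.None;
    }

    // Only absolute http/https URLs on an allowlisted host are fetched.
    public static bool IsTrustedSource(Uri url) =>
        url.IsAbsoluteUri && TrustedHosts.Contains(url.Host)
        && (url.Scheme == Uri.UriSchemeHttp || url.Scheme == Uri.UriSchemeHttps);

    // True when the data starts with a PNG, JPEG or GIF signature.
    public static bool LooksLikeImage(byte[] d) => d.Length >= 4 && (
        (d[0] == 0x89 && d[1] == 0x50 && d[2] == 0x4E && d[3] == 0x47) ||
        (d[0] == 0xFF && d[1] == 0xD8 && d[2] == 0xFF) ||
        (d[0] == 0x47 && d[1] == 0x49 && d[2] == 0x46 && d[3] == 0x38));

    // Fetches server side and throws instead of relaying unexpected content.
    public static byte[] Fetch(Uri url)
    {
        if (!IsTrustedSource(url)) throw new InvalidOperationException("untrusted source");
        var request = (HttpWebRequest)WebRequest.Create(url);
        request.AllowAutoRedirect = false; // a redirect could leave the allowlist
        using (var response = (HttpWebResponse)request.GetResponse())
        using (var body = response.GetResponseStream())
        using (var buffer = new MemoryStream())
        {
            var chunk = new byte[8192];
            int n; // stop reading once the size limit has been exceeded
            while (buffer.Length <= MaxBytes && (n = body.Read(chunk, 0, chunk.Length)) > 0)
                buffer.Write(chunk, 0, n);
            byte[] data = buffer.ToArray();
            if (data.Length > MaxBytes || !LooksLikeImage(data) || !(response.ContentType ?? "")
                    .StartsWith("image/", StringComparison.OrdinalIgnoreCase))
                throw new InvalidOperationException("not an image within the size limit");
            return data;
        }
    }
}
```

The page handler that serves the proxied image would call `ImageProxy.Fetch` with the third-party URL and write the returned bytes to the response only when no exception is thrown.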
