Partilhar via


Mixed content and Internet Explorer 8.0

Hi everyone!

My name is Anshu. I am a support engineer in the Internet Explorer Core team at Microsoft. Today in this blog I am going to talk about a change in Internet Explorer 8.0 with respect to a setting related to security zone called “Display mixed content”.

Now to take you back in IE 7 when we go to an HTTPS page that has non-secure HTTP content we get to see a dialog box asking

“This page contains both secure and nonsecure items. Do you want to display the non secure items”

By clicking Yes, I will ask it to display the mixed content.

To Disable/ Enable/ Prompt the “Display Mixed Content”, click on Tools | Internet Options. In the Internet Options dialog, click the “Security” tab. Pick the zone that you want to change the setting for and click the “Custom Level” button. In the Settings area, scroll down to the “Miscellaneous” section and modify the area highlighted in the dialog show below.

clip_image001

..And the dialog which comes in IE 7

clip_image002

The reason for the warning is that you’re on an SSL-secured (https protocol) page that is attempting to load non-SSL (http protocol) content. Something to note is that the dialog does not prompt if you’re on an HTTP page and you request HTTPS URL.

Hypertext Transfer Protocol Secure (HTTPS) is an Application Layer protocol  that is a combination of HTTP and SSL (Secure Socket Layer) or TLS (Transport Layer Security).  HTTPS connections are used for secure transfer of data between the website and the client. Messages are secure since the HTTP message is encrypted via SSL or TLS and then sent on the network/internet. When the message is received by the addressed station, it decrypts the message.

The dialog was changed in IE 8 to encourage users to make the more secure choice by selecting ‘yes’.  Selecting ‘yes’ to the IE 7 dialog resulted in showing both secure and non-secure content.

clip_image004

Note:   Please consider the security implications outlined within the dialog before honoring the dialog request.  The Security dialog is being presented for your information and protection.

We changed the wording of the mixed content (The mixed content refers to HTTP and HTTPS content ) warning dialog to "Do you want to view only the web content that was delivered securely?" The buttons are "Yes/No".

If you want to display mixed content in IE 8 you should click "No". The previous versions of IE asked the user "Do you want to display the secure and non secure content?" You click "Yes" If you want to display mixed content.

Well, that’s all for today.  Thank you so much for you time!

Regards,

The IE Support Team

Comments

  • Anonymous
    May 20, 2009
    Hi Brent,I have been converting a web app to ssl. Until now it was unsecured and used references to http for shared resources (images, help doc) from a sister domain that we control.There is a cert and ssl on both the app server and the sister domain server.I can navigate the sister site using either http or https directly without a problem. So the sister site has ssl available but it is not required.The web app however requires ssl. All the references from the pages in the web app to the shared resources on the sister domain are https.  IE8, however will prompt even though all urls to both domains as I said are https.  I cannot get access without a prompt unless I globally change the option in tools/security/internet etc. It is set to prompt of course.Under IE7 and IE6 each with the same option set to "prompt", I am not prompted. The page and all resources load without a problem. IE 7 and 8 seem to recognize that the ssl is available on both domains and open the proper channel where IE8 does not.Is this by design? Am I missing something?Thank you

  • Anonymous
    May 21, 2009
    The comment has been removed

  • Anonymous
    May 22, 2009
    I am using IE7 and on 1 of my computers I enabled mix content and now I don't get the warning, buton the other computer the warning comes EVERYTIME I change windows inside 1 of the website applications that I use everyday.Please email me any thought nikki@myvolo.com

  • Anonymous
    May 27, 2009
    What kind of content will cause this popup to appear.  It seems that href tags won't, but would a form like this?<form name="searchForm"                             action="http://help.blah.com/help.cfm"                             method="GET"target="_blank">class="searchButton"                           onclick="document.searchForm.submit()"/>                         </form>

  • Anonymous
    June 01, 2009
    Hi! We have a client who wrote that our secure site was insecure. The only reason I can figure for this is the above message that appears in IE8. I do not get a similar warning in Firefox 3 or Safari 4. Viewing the source code of the page I do not see any elements coming from a non-secure source - there are elements with relative URLs but I am assuming that shouldn't be a problem? So my question is, is there a ways to view which elements IE8 believe are in-secure so that we may correct this? Whether I answer the above message with "Yes" or "No" I do not view and graphic difference with the page.

  • Anonymous
    June 03, 2009
    Thanks a lot for this post ...

  • Anonymous
    June 15, 2009
    Hi,Am having one expired ssl certification for testing. Just i tried in online i got "Do you want view only..." in IE8. I am using this for my test purpose and i would like to download the content  with out this warning, for this i want  do to 'off'  this warning.. How can i disable this feature......or  how i can view my content even its ok ......I tried with enabling mixed content option in security area....

  • Anonymous
    June 17, 2009
    Interesting post - thanks.I have added an https site to my trusted sites list and made the change to settings to display mixed content in the custom level for trusted zone - I still get the error message.When I add the display mixed content setting in the internet zone also I loose the error message.Any thoughts on why it needs the setting in both zones before it gives the desired result?Look forward to your comments.

  • Anonymous
    June 25, 2009
    Is there a way to turn this off for a specific site?  For example, I visit/work on a site many times a day that displays mixed content.  I want to view both the secure and non-secure content but I don't want this warning popping up EVERY time.  

  • Anonymous
    June 30, 2009
    I tried to do this enable of mixed content for only my "trusted" sites and the prompt does not go away on any of the 3 "Display mixed content" settings. If I go to "internet" rather than trusted sites and enable mixed content displays, the annoying prompt goes away.I am running the IE8 that Microsoft downloaded through normal maintenance a couple of days ago. I like the idea behind this but the implementation bug means it has no effect whatsoever. If you want a URL that is innocent and every page gives the mixed content prompt, I can supply it.In essence, the URL is always http but puts some well known banner adds on each page which are not secure.  

  • Anonymous
    August 19, 2009
    We are Hosting a HTTPS Site that contains both, https and http Elements. First of all the New Message on IE 8 is a little bit confusing, because the way of Click through has changed from yes to no.The thing is that i don't want to tell all our users to change their IE 8 Settings, but on the other hand i actually don't want to lose HTTPS Security just to avoid this IE 8 Message.My Question: Is there maybee a more reluctant way to give the User this Security Hint? At best without the posibility to crash a Website, by hiding some elements if the User clicks "yes".An Example could be the way the Firefox Team handles the same issue. Just showing a Icon with a red exclamation point.Best Regards, ... and keep on moving.

  • Anonymous
    August 28, 2009
    The comment has been removed

  • Anonymous
    September 02, 2009
    Wow!!  I wish I had never upgraded to Internet Explorer 8!!!!!!  What a mess!!!!!!  Now I am not able to use internet explorer at all.  I was satisfied with my old internet explorer version, but my computer told me that I would need to upgrade.  Yeah, right.  Now I just have a mess!!!!!  I wish I could just go back to Internet Explorer 7.

  • Anonymous
    September 02, 2009
    If you enable "Display Mixed Content" in IE8, what risks might you be opening your system to?

  • Anonymous
    September 09, 2009
    This option, as implemented, might have made sense years ago, but in the present age of hosted applications, especially social networking ones where people include Youtube videos and other such content, it's very user unfriendly and unproductive. It leaves administrators the choice of turning the option off for all internet sites (because there's no way to control where a user might link to) or to have users continually hit the "No" option. (And so learn to ignore the warning message even when they see it in other places.)A better implementation would be to have it set at the page host level so that the hoster can decide whether the risk, givent the nature of how the site is used, is acceptable or not.

  • Anonymous
    September 11, 2009
    I was not able to prevent this pop up until I added both the http and https version of the site I was accessing to my trusted sites. Now if I trust the site shouldn't this be disabled??? The site I had issues with was my companies corporate forums. I doubt they werre trying to bypass any security with HTTP and even though I saw no HTTP links this warning not only occurred but caused IE to constantly report "errors on page" which somehow prevented some of the page features such as linking. Once I added both HTTP and HTTPS versions of my site to the trusted sites and changed the default option from prompt to allow it seems to be OK.

  • Anonymous
    October 01, 2009
    The comment has been removed

  • Anonymous
    October 21, 2009
    this message is super f&^&^ annoying and going to make me never use explorer, except for netflix, where i have to.make explorer secure, so we can't get viruses, instead of giving us warnings that it doesn't work. safari and opera don't have these problems.you probably pay the hackers to invent the stuff anyway.

  • Anonymous
    November 19, 2009
    Hi I am running Vista Premium and ever since i installed the IE 8 update i cannot load my facebook page. if i type HTTPS i can then load but still have some problems with it. if i use Opera browerer it loads fine. my sister has the new windows 7 (not an upgrade) and she has IE 8 by default and she is having the very same problem as me. does anyone know of a way to resolve this. any help is greatly appreciated.....Joe

  • Anonymous
    November 24, 2009
    Thank You Anshu!  You Help in that annoying message is Greatly Appreciated!  John Pferdehirt

  • Anonymous
    November 25, 2009
    The comment has been removed

  • Anonymous
    December 20, 2009
    Hey,I set the option to enabled, I even verified that the option 1609 in HKCU/.../Zones/2 (for trusted sites) is set to DWORD "0"but I still get this anoying prompt every time I click on a link on my SharePoint site.This problem only occurs on one computer but its working on all other computers with the same site, same operating system, same browser.I already re-installed IE 8 on Win7Any ideas?Greetz,Florian

  • Anonymous
    January 08, 2010
    The comment has been removed

  • Anonymous
    January 14, 2010
    The comment has been removed

  • Anonymous
    January 16, 2010
    Thank you so much for taking the time out of your day to help me.It works fine now, bless your heart!

  • Anonymous
    January 19, 2010
    Worked a treat, many thanks :o)  Need more people like you!

  • Anonymous
    January 19, 2010
    Thank you so much. Simple to follow instructions (I am computer illiterate) and they worked!! You are a Godsend and I am extremely grateful.Thank you.

  • Anonymous
    January 21, 2010
    I tried Anshu's recommendation (for my original posted question) and multiple options around it. Nothing worked! I finally went back and uninstalled IE 8 and reinstalled IE 7 and I'm getting most of my images displayed now. It ain't perfect but then it's another sloppy Microsoft program.

  • Anonymous
    January 21, 2010
    Webpages will not open on my email.  Mixed content is checked.  They used to always open and nothing has changed on my computer.  WHAT GIVES?

  • Anonymous
    January 22, 2010
    I need some advise. I can no longer see the pictures that were part of all the emails I used to get from different vendors. I used to be able to see the pictures of clothing or people. The only thing I see know is writing. What can I do to fix this?Evelyn

  • Anonymous
    January 22, 2010
    The comment has been removed

  • Anonymous
    January 22, 2010
    Freddie AgainI was mistaken, it was on prompt and i had switched it before to enable but now when i went to look at it, it was back on prompt.  I tried switching it again to enable, then click "reset" and it takes me back to the top of the page and when i scroll down, it automatically went back to prompt.Why

  • Anonymous
    January 22, 2010
    Freddie ONce AgainWell not being very puter literate, little did i know RESET meant reset back to the original settings thus wipping out my change to enable.  I have switched to enable and didnt dit reset and it now works. thanks

  • Anonymous
    January 26, 2010
    Still not working.  Maybe I am too much of a novice, but the lengthy explanation did not help at all.  I just want to be able to see images in my email again!!!!!  Even when I click to show images----THEY DON'T SHOW UP!!!This is terribly annoying.  Reminds me of ancient email when no images were availble.  Why can't someone at Gmail help?

  • Anonymous
    January 26, 2010
    Same problem as others have reported.  "Suddenly" unable to display images in emails, even after clicking on "display images." Problem began a couple or weeks ago, and hasn't "resolved itself." I'm another computer illiterate, so....

  • Anonymous
    January 29, 2010
    I have the same issue with my gmail account. Can't see images in the emails, even if you click "display images" or "always display images"It just started recently for me also. The only thing I can think is there must have been a change in the IE 8 system that was automatically downloaded through a windows update or something. I have not changed anything on my pc, but now I can't see the images. Its frustrating because some of the emails I need from companies I work with...I can't read. I hope someone can fix this, or let us know how to change our system to make it right. Enabling mixed content did NOT work.

  • Anonymous
    January 29, 2010
    This was not an answer to my question.  I want to know why I can't view graphics in my email.  

  • Anonymous
    January 30, 2010
    I've experienced the same problem. Am not upgrading to IE8. I cannot see any graphics on gmail. What is up with that? Nobody has given an answer that works for me. Has anyone else found a solution? Maybe I'll just have to switch from gmail...hate to, but might have to to solve the problem.

  • Anonymous
    January 30, 2010
    Worked for me....let's see for how long!!

  • Anonymous
    February 01, 2010
    Under "Tools", select "Internet Options", then "Security Settings", select "Custom Level", "Settings", scroll down to "Miscellaneous", to "Display Mixed Content", select "Display"(not "Prompt"!).Worked for me like magic!(Hard to follow, unclear instructions from the Microsoft support person above... - I had to guess hard what he meant...)Good luck!

  • Anonymous
    February 01, 2010
    In the instructions above, I meant: select "Enable" (not "Prompt"):)Corrected sentence:"Under "Tools", select "Internet Options", then "Security Settings", select "Custom Level", "Settings", scroll down to "Miscellaneous", to "Display Mixed Content", select "Enable" (not "Prompt"!)."

  • Anonymous
    February 03, 2010
    this post had absolutely nothing to do with why my images are not displayed in gmail.

  • Anonymous
    February 05, 2010
    I unable to see images in my gmail....I have to see all my emails on internet rather than seen them on gmail.......even weeekly catalogues for shopping, i unable to seee.....plz help....my email is smart.wellid@gmail.comI try"Under "Tools", select "Internet Options", then "Security Settings", select "Custom Level", "Settings", scroll down to "Miscellaneous", to "Display Mixed Content", select "Enable" "everything, but no difference, today is 6th feb 2010

  • Anonymous
    February 09, 2010
    I wasn't getting any pictures in my emails, just little squares changing this setting and restarting my computer worked, thank you

  • Anonymous
    February 11, 2010
    Fix doesn't work ..tried it many times ..IE 8 Win 7 64 bit.C'mon Microsoft, get your acts together.

  • Anonymous
    February 11, 2010
    I posted a question at 6 PM EST today regarding issues with message downloads in gmail. I am new at this, but so far I have not seen it posted. But in the mean time I have received an email from "do not reply" suggesting enabling the mixed content in IE Security settings. Unfortunately, this has made no difference. I want to thank the responder, but the issue remains unresolved, and I hope that this comment will appear in the Help Forum content, as well as my original issue posted earlier today. Thanks

  • Anonymous
    February 11, 2010
    I do see my question posted at 5:57 PM. But my comments are appearing in different dialogs from the one with the question

  • Anonymous
    February 11, 2010
    I am a faculty member at a community college and we are having no end of trouble with this "new" feature, because it runs counter-intuitive to what our students have been doing for years. The "mixed content" is coming from our own domain and they don't read the message carefully enough to realize it is asking if they do NOT want to view it. They are used to being asked if they DO want to view it. It took me 3 attempts to realize what it was actually asking. It should be changed back to what it was before.In my opinion this idea was so bad that the developer who thought it was a good idea should lose his job.

  • Anonymous
    February 12, 2010
    I am trying to see all of a web page www.abrames.com on the left hand side of the home page there are 5 hypertext headings - I can't for the life of me get these to appear on one of of PC in the office.  Can you help PLEASE.  I have tried the 'display mixed content' enable - nothing.   I don't even get a prompt asking to display what is not showing.  Thanks for reading

  • Anonymous
    February 12, 2010
    Two questions for those who are mentioning Safari and Opera:What about Firefox and Chrome? What does it mean that these browsers don't have this problem? Isn't it preferable the way IE handles it -- to warn the user that there is non-secure content on a page that is supposed to be 100% secure? I mean, what's the purpose of having supposedly secure pages at all, if non-secure content can slip past without any warning? I'm sure there's a good answer, but I'm just confused.

  • Anonymous
    February 14, 2010
    The comment has been removed

  • Anonymous
    February 15, 2010
    Unfortunately we have a big problem with the way IE8 is interacting with Gmail, which recently rolled out an option to "always use https."  http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.htmlMicrosoft trained us for years to click on "yes" and now we're supposed to click on "no." Millions of IE8 and Gmail users will be confounded by this and never see images in their emails again. Certainly unintended consequences.... help please!?

  • Anonymous
    February 17, 2010
    This was very annoying and I'm glad to have found this page. At home I only use firefox, free, secure and easy to use. The reason I don't use explorer is the ANNOYING useless popups.

  • Anonymous
    February 18, 2010
    When you go on:https://blogs.msdn.com/askie/archive/2009/05/14/mixed-content-and-internet-explorer-8-0.aspxThat must be the same page a this you are looking now !This page is not secure ;)I understand now General Motor that say in the passt , i will never integrate the Microsoft OS, lot off unsafe ;)Thanks for this nice warning that give really right information about reallity ;) , all images on this page are unsafe content , ;) really good function that take lot off concept and programming time for nothing other disturb the user about wrong information .Thanks.

  • Anonymous
    February 21, 2010
      we have been converted a web app to ssl. Until now it was unsecured and used references to http for shared resources (images, help doc) from CDN(i.e., remoter server).  web page is not displaying in IE, it seems it unable make http calls. help please...

  • Anonymous
    February 23, 2010
    None of what you wrote shows up when I go to >Tools>IN Options>security>  I can't tell if this computer is IE7 or IE8.  BUt I can not see all of the pics in all of my email on gmail.

  • Anonymous
    February 27, 2010
    Thanks. The change of settings worked. Am able to view images in my email now.

  • Anonymous
    March 05, 2010
    The comment has been removed

  • Anonymous
    March 08, 2010
    Maan that is so cool!! I 've been struggling with it for a while now!! thank you so much!!!!

  • Anonymous
    March 16, 2010
    The comment has been removed

  • Anonymous
    March 18, 2010
    Hi, I have a lot of sites mix together which build up with asp.net, and for some reason I have to change one site into https(others not). And every time on visiting this https site will give me a prompt on showing insecuring things(elements from other http sites). And most of all, I don't want to notify users which visit this site to change their IE settings or just let them to click y/n every time, so my question is is there a way or shortcut to avoid showing this message and do not change other http sites to https?

  • Anonymous
    March 19, 2010
    Does Anshu ever respond to these blog postings.I have set the internet options to enable mixed content. I still get the irritating pop-up.How does one configure IE 8 to stop doing this?

  • Anonymous
    March 23, 2010
    The comment has been removed

  • Anonymous
    March 31, 2010
    Thank you so much, this fixed my problem!

  • Anonymous
    April 04, 2010
    Hi,My Name is K.Prabakaran.My Html content is below. its is a dotnetnuke size widget object.<object id="SizeWidget" codetype="dotnetnuke/client" codebase="StyleSheetWidget"               declare="declare">               <param name="baseUrl" value="/snapev2A/Portals/_default/Skins/MinimalExtropy/css/variations/" />               <param name="template" value="&lt;div title='{TEXT}' {ID} {CLASS}&gt;&lt;/div&gt;" />               <param name="default" value="width1024" />               <param name="Width 1024" value="width1024" />               <param name="Width 1280" value="width1280" />               <param name="Full Width" value="widthfull" />           </object>When i validate via WCAG told that object tage have element content.So i put like this<object id="SizeWidget" codetype="dotnetnuke/client" codebase="StyleSheetWidget"               declare="declare">               <param name="baseUrl" value="/snapev2A/Portals/_default/Skins/MinimalExtropy/css/variations/" />               <param name="template" value="&lt;div title='{TEXT}' {ID} {CLASS}&gt;&lt;/div&gt;" />               <param name="default" value="width1024" />               <param name="Width 1024" value="width1024" />               <param name="Width 1280" value="width1280" />               <param name="Full Width" value="widthfull" />Loading....           </object>Now check again it passed the WCAG verification. but the image does not show image in IE. But in Firefox it shows the image.Can you give me the solution for this..

  • Anonymous
    April 06, 2010
    Once again: Mixed Content warning comes when web developer references an insecure (http) resource within a secure (https) page.Preventing Mixed Content Warnings (for web developers)One trick which might be useful is to use protocol-relative hyperlinks, of the form “//example.com/image.gif”.  Additionally, In IE8 and below, the following SCRIPT tag will cause a mixed-content warning:<script type="text/javascript" id="contentloadtag" defer="defer" src="javascript:void(0)">If you simply remove the SRC attribute from this tag (since it's not performing a download), you will find the problem goes away.You can use fiddler web debugger to troubleshoot the problem. It will show the list of HTTP requests. Eliminate the use of those HTTP URLs.For more details on the Mixed content (HTTP and HTTPS) refer the following blog:http://blogs.msdn.com/ieinternals/archive/2009/06/22/9797918.aspx

  • Anonymous
    April 30, 2010
    The comment has been removed

  • Anonymous
    June 22, 2010
    This problem makes Outlook Web Access unusable, I'm surprised no one else has mentioned that.  I've tried all the "fixes" with no change.  I've delayed upgrading our Exchange server but now I'm looking for a different email solution.  I wonder if Microsoft knows they are losing business over this "feature".

  • Anonymous
    July 01, 2010
    Hi - We have a MOSS Portal and I use FireFox - I only recieved the mixed mode dialog once, but as Nikki mentioned above, several IE8 browsers display it every time, despite changing the config to 'Enable' to 'Prompt'?

  • Anonymous
    July 12, 2010
    Tanks a lot, your advice saved me hours of toying with the settings to remove this annoying warning message.

  • Anonymous
    July 14, 2010
    YES!  This works beautifully!!!!!  Thank you.  Thank you.  

  • Anonymous
    August 08, 2010
    To turn this annoying security prompt off, Go to IE, Tools, Internet Options, Security, Custom Level,scroll down to "Display Mixed Content", and then DISABLE it. Restart IE."Prompt" is the default setting.

  • Anonymous
    August 10, 2010
    The comment has been removed

  • Anonymous
    August 18, 2010
    The PM that decided to do this clearly had the wrong hat on for the day... let's opt for a worst default experience... for a feature that 95% of the world doesn't understand

  • Anonymous
    September 07, 2010
    I have kids that use this computer. I don't want them to get inappropriate images. Does this change work only for my Gmail?

  • Anonymous
    September 09, 2010
    Differently on TOP 10 of Microsoft's STUPID features of providing fails sense of security.

  • Anonymous
    September 15, 2010
    HiThanks for this information. I have changed in my system but can you say how to resolve this problem to the users who are using my website. Please help me.Thanks.

  • Anonymous
    September 26, 2010
    Hi,thanks for this post.Is there a way to check out the unsecure content url(s) of a supposedly secure https page? IIS log / Internet Explorer tab of the Event Viewer... Anything else?

  • Anonymous
    October 05, 2010
    The comment has been removed

  • Anonymous
    November 15, 2010
    The comment has been removed

  • Anonymous
    January 25, 2011
    As many have noted, the ultimate fix is to just move over to a standards-compliant browser (eg, Firefox, Opera, Safari, etc.). For Marty Goehner, I would suggest Apple. They are the closest thing in the industry to having a "ready when you are" computer that you can get. No, I don't own them or sell them or service them. But I positively drool over the ease at which friends that do own them spend their time thinking about their work instead of sweating the latest upgrade and subsequent changes to the user interface (eg, nerdy error messages about what kind of domain the icon file was loaded from) not to mention the quantum leaps in bloated code to support silly features.

  • Anonymous
    January 26, 2011
    The comment has been removed

  • Anonymous
    January 28, 2011
    I have tried all of the suggestions in order to view images forwarded to me. I changed the mixed content to enable. I click on view images. I tried firefox to see if it was IE causing the problem. Nothing worked! It's really frustrating! This was in my email today and again no image:http:///?ui=2&ik=a14d0a18e2&view=att&th=12dce04591d98d3e&attid=0.1.1&disp=emb&zw

  • Anonymous
    February 01, 2011
    Sue, the URL in your example has no domain name specified in the URL (see the three consecutive slashes after 'http:'?), which is why it isn't working.  It isn't a matter of being mixed content, it's a matter of having an incorrect URL. http:///?ui=2&ik=a14d0a18e2&view=att&th=12dce04591d98d3e&attid=0.1.1&disp=emb&zw

  • Anonymous
    February 28, 2011
    Very detailed explanation, THANKS MS man and MS for giving for the time or position to provide this service.There needs to be a simailr explanation for correcting the GMAIL messages that substitute Boxes with Xs in them instead of images (logos etc.) in email.

  • Anonymous
    March 01, 2011
    Hi,Have encountered with problem while displaying the image sent through an email, when it is being opened with mozilla, chrome etc its working fine, where as with internet explorer 7, the image is not displayed as per its regular size, rather the image is dragged. Kindly if someone has a solution to this issue, pls send a mail to cheeku_scorpion@yahoo.comThank u

  • Anonymous
    March 20, 2011
    Thanks so much for posting this. My email, which is also my homepage, has this popup everytime, and I wasn't sure where this setting was.

  • Anonymous
    March 21, 2011
    Anybody know how to create a script that will automatically enabled the Display Mixed Content for all the 3 Security Settings (Internet, Local Intranet, and Trusted Sites)?  Thanks

  • Anonymous
    March 29, 2011
    The comment has been removed

  • Anonymous
    October 13, 2012
    happy to see it helped so many people

  • Anonymous
    December 20, 2012
    Any suggestions on how to recognize when IE's buggy behavior on SSL detection is causing this to show up? I launched fiddler and saw that everything on the page is loaded via SSL, but IE still displays the warning. Similarly, all other browsers have no such warning, and debugging tools in firefox and chrome show that all resources are loaded via SSL. Sounds like IE7/8 have a bug present where in some cases it erroneously reports mixed content.

  • Anonymous
    January 31, 2013
    @HarlanDo you have the url you are seing this behavior in IE and what is the OS version?Ref:Internet Explorer 8 Mixed Content Handlingmsdn.microsoft.com/.../ee264315(v=VS.85).aspx

  • Anonymous
    February 20, 2013
    Internet explorer is one the most complicated, frustrating browsers around, it causes so many many problems. Hence why Chrome and Firefox are so popular

  • Anonymous
    February 21, 2013
    Just as a heads up. If your site is in the intranet zone, the intranet zone settings won't actually take effect unless the Internet zone setting is set. Makes no sense, but that's the only way it works.

  • Anonymous
    April 04, 2013
    The comment has been removed

  • Anonymous
    April 14, 2013
    Hi,I need your suggestions...In my application, a custom HTML page displaying image, the image with size greater than 28kb is visible in IE 9.0 but not in IE8...Any fix u got for the issue.Thank you.

  • Anonymous
    April 16, 2013
    @ PreethiThis may not be the best forum to post this question. You may want to try also provide your site url so, we can take a look at when posting :-).

  • Anonymous
    July 02, 2013
    Thank you so much Anshu, very very helpful and easy to understand suggestion  (change in Internet Explorer 8.0 with respect to a setting related to security zone called “Display mixed content”. )

  • Anonymous
    September 26, 2013
    I cannot get that pop up message to stop displaying  I have IE 8 and am using  Sharepoint pages - I had  done the disable mixed content for allt he zones  trusted intranet and internet - what could  be is causing this

  • Anonymous
    October 02, 2013
    @ IE*and SharePoint 2010 web pageYou must understand what your SP web pages are doing. A Network Trace or Fiddler may aid in figuring out what the web pages resources are doing / coming from that may trigger the Warning.You may want to start by understanding what the setting does:Mixed content (HTTP and HTTPS) refer the following blog:blogs.msdn.com/.../9797918.aspx

  • Anonymous
    November 05, 2013
    The only work around I have found to the security popup window is to host all your content in a https (SSL) environment with no outside links to anything else unless the content is also in a ssl environment.   I do not have the luxury of making the browser modifications mentioned in this blog so I have been pulling in content from a website into Sharepoint making sure the content resides on an external ssl site and works like a charm.....no popup.    Not sure if this helps but .....solved some of the issues I had.... for what its worth.

  • Anonymous
    November 26, 2013
    This works fine under all users but the ones that cannot select internet options because of group policies how do you change them when they can't access internet options?

  • Anonymous
    November 29, 2013
    Great, got rid of the pesky popup thank you!!!

  • Anonymous
    December 04, 2013
    @  Deb  If you are using a GPO, then you have to edit the GPO to manage the setting. Even if you are able to change it from the registry, these setting will come back when the policy is refresh.To learn about GPO, you can visit the online GPO reference page: gpsearch.azurewebsites.net/default.aspx

  • Anonymous
    June 02, 2014
    E mails in Internet Explorer 8 were not displaying pictures or graohics, logo's etcThis Solutition soved the problem for me  (i.e :go to internet options, security, custom level and alter display mixed content to enable.)Many thanks to Anshu for this!.

  • Anonymous
    June 21, 2014
    I followed the instructions you gave and the pop up STILL comes up. It is virtually constant. Please advise.

  • Anonymous
    June 22, 2014
    @Jane MWhat is the popup and what version of Windows and IE are you running?Are you in a controlled environment?If you are still using IE8, we strongly suggest updating to IE11 and if your application are not compatible with IE11 use the IE11 Enterprise Mode GPOs and see if the application works as expected.See the IE11 EMIE blog.blogs.msdn.com/.../stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx

  • Anonymous
    October 27, 2014
    I have a signalR service running on localhost and javascript from https tries to connect to signalr . Is it possible to disable/enable mixed content programmatically(batch file)?

  • Anonymous
    November 01, 2014
    @Jayant    You can turn on or off the mixed content setting for the respective Zone.The following article have information about the zone settings including mixed content:Internet Explorer security zones registry entries for advanced userssupport.microsoft.com/.../182569Look for: 1609     Miscellaneous: Display mixed content *GPO: Machine:  gpsearch.azurewebsites.net         User:        gpsearch.azurewebsites.netSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZonesAvailable Zones:Value    Setting  ------------------------------  0        My Computer  1        Local Intranet Zone  2        Trusted sites Zone  3        Internet Zone  4        Restricted Sites ZoneValueName: 1609item: decimal: 0 => Enableitem: decimal: 3 => Disableitem: decimal: 1 => Prompt

  • Anonymous
    April 10, 2015
    @AxelRMSFT, I did this setting for my IE10 but no luck.

  • Anonymous
    April 17, 2015
    That was greek talk. Not plain English.As to another problem. When I click on an email address link in IE, IE erroneously defaults the email address into the IE navigation then sending webpages flying. How do I prevent IE from using the Navigation, vs actual Email ? Thanks

  • Anonymous
    May 08, 2015
    @Shan    Do you know what zone is your site loading under and can you provide the url to the site if happens to be a public site?you can open your site and then got to the File / Properties option to find out what zone is your site loading under.

  • Anonymous
    August 05, 2015
    Thank You Sir My Peoblem Is Solve

  • Anonymous
    December 27, 2015
    The comment has been removed

  • Anonymous
    August 12, 2016
    I am getting these stupid, obnoxious and objectionable "security warnings" when I want to use Channel 4 On Demand to watch Countdown. Why should that provoke a security warning? It's just sheer stupidity and has got to stop. Also I keep getting a message saying "Datebase file "datebase\pritemp.dbd" is missing, please reinstall advanced systemcare to fix this error." This is another example of sheer stupidity that has to be removed permanently from my computer.

    • Anonymous
      August 22, 2016
      @John DevlinYou are more likely dealing with the plugin clode crossing zone.Try adding the application URL to the trusted site zone.
  • Anonymous
    May 28, 2017
    The comment has been removed