SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Thread: SSL and frames

  1. #1
    SitePoint Enthusiast
    Join Date
    Jan 2002
    Posts
    31
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    SSL and frames

    What is the best way to implement SSL for a web site based on frames?

    Third party content - requiring SSL - will be displayed within a frameset within our domain. I need to know the best way to do this so that the customer is aware of being in a secure mode - padlock is visible and a security alert.

    A previous example of this with another company does not show the padlock despite the page being https within the frameset. Also i do not get a security alert prompt to indicate im switching from insecure to secure mode, or that the page contains both insecure and secure items. Have these been suppressed somehow? In other words the customer will not realise that the page is secure so this is not a good model.

    Opening a new window is not an ideal option as it is required to maintain our branding around the content.

    Will it be necessary to secure our domain too (the frameset) or not?

    Any help or suggestions welcome.

    Mark

  2. #2
    SitePoint Guru siphilp's Avatar
    Join Date
    Nov 2001
    Location
    Fife, Scotland
    Posts
    663
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i believe that this depends on what frame is in "secure" mode. If it is the page with all the frames within it then the padlock will be displayed. However if it is only one page within the frameset then the padlock will not be displayed.


    regards


    Si

  3. #3
    SitePoint Zealot wineo's Avatar
    Join Date
    Nov 2003
    Location
    Perth, Western Australia
    Posts
    157
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is the content in the frame that is secure infact encrypted while being include by a page that is not secure?

  4. #4
    Texan at Heart Corey Bryant's Avatar
    Join Date
    Sep 2003
    Location
    Castle Rock, CO
    Posts
    2,491
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes you will need to secure you domain to fully have a secured website. Otherise mixing secure & non-secure items will cause most browsers to issue a warnig

  5. #5
    SitePoint Zealot wineo's Avatar
    Join Date
    Nov 2003
    Location
    Perth, Western Australia
    Posts
    157
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was more worried about my C/C details being unsecure on a page where just the frame was secured.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •