5/7/2011 13:28 lsz
Navigation through to an email by clicking on an email in the email list in Google Mail is interrupted by a security warning popup dialog box:
Do you want to view only the webpage content that was delivered securely?
(IE8) This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage
(IE7) This page contains both secure and nonsecure items. Do you want to display the non secure items
More Info Yes No
The 'More Info' button provides no clue as to what settings need to be changed in order to suppress this warning, nor information specific to the user's specific configuraton.
Googling this issue shows it to be the "mixed content" problem with Internet Explorer. The canonical solution -- to navigate to Tools | Internet Optionis | Security | Custom level and changing Miscellaneous | Display mixed content from 'Prompt' to 'Disable' -- does not work in this case.
Site on which the link is being attempted is connected via https and is listed specifically in "Trusted Sites", yet is not trusted ('trust' is evidently not transitive) (site is https://mail.google.com/mail/) Only some email links exhibit this behavior. mail.google.com has a valid security certificate.
The solution here is a bit different than what I have seen in all other posts on this issue. This solution calls for a change in a specific security zone.
Apply the canonical solution above to the 'Local intranet' zone. Applying it to 'Internet' or 'Trusted sites' zones has no effect.
This problem occurred when I attempted to view the Doonsbury Daily Alert email link 'list' in my Goole Mail list of email.
There are four 'zones' in Internet options | Security: Internet, Local intranet, Trusted sites and Restricted sites. Even though Google Mail is identified as a trusted site and is accessed via SSL (https://mail.google.com/mail), the security prompt of 'mixed content' is not disabled by the setting in either 'Internet' or 'Trusted sites' zones. Only by disabling it in 'Locsl intranet' does this work to disable this annoying popup.
Furthermore, this popup only occurs when the user chooses to navigate to the email via the control-left mouse click to open up a new window. If the user simply left-clicks on the link to the email, the popup does not occur.
To review: the 'mixed content' by default is set to 'prompt' (Miscellaneous | Display mixed content) in all the 'Internet', 'Intranet' and 'Trusted sites' zones. When the link to the email is attempted directly with left-mouse click, the email displays OK. When the link is attempted with a control-left mouse click to open a new windows, the popup security warning is displayed.
When this 'mixed content' flag is set to 'Enable' in the 'Intranet' zone the security warning popup dialog box is finally suppressed.
The workstation in question is on a LAN workgroup with three other workstations, accessing the internet through a router on the LAN. This may have something to do with having to invoke the "Local intranet' zone, but why is certainly not clear.
-- Roy Zider
- Edited by FUBARinSFO2 Monday, April 09, 2012 8:05 PM typo correction
It did not work for me, alas.
I have wasted half the day trying to solve this problem.
Half the webpages I've read propose the "canonical" solution - which does not work (for me).
Your different solution prompted hope, but alas, failed also.
I have Google's desktop search device installed. The popup arises everytime I open a Google search results page by clicking on a search request in the desktop search module.
According to some remarks I've seen, if the Google desktop search app is uninstalled, it solves the problem. But I don't want to uninstall it.
I believe Microsoft has deliberately created this problem as a strike against Google. Because I do *not* believe that a plain Google search results page (which I have accessed thousands and thousands of times over the years) is in any way even REMOTELY unsafe for my computer, as the vexing popup states.
- Edited by John11234123 Thursday, December 01, 2011 5:30 PM fixed typos
I found solution and this definitely worked for me try going into ie 8 options advanced rollback your ie settings to the default settings when it was installed after restarting IE 8 it stopped then go to (Miscellaneous | Display mixed content) and enable apply ok close hope this works. For you.
I tried it every which way. For a Sharepoint https site that includes some http content, none of this works. It still amazes me that Microsoft doesn't even try to offer a fix but just "replaces" their broken distributed products and abandons users - leaving them with the steaming pile of dog crap that IE is.
when asking a question in an internet related forum it is helpful if you include the address of any sites that you are having problems with for the MS Engineers and volunteers to have a look at to offer a reasonable answer....
SharePoint sites are usually internal sites that should map to the IE Intranet Zone, not the Trusted sites zone. Either way you should contact your company's system administrators to resolve internal site issues or your hosting provider if your SharePoint server is hosted externally.
they should be using protocol-less uri's for their resources for pages in folders accepting the https protocol.
Thanks for the reply but this is an Office 365 environment so administrative control is limited. Mixed content has been enabled/disabled for both intra and internet sites in IE8 settings with no effect. Nowhere have I set it to "prompt" which is what it insists on doing. So either the browser settings are worthless or Sharepoint is overriding them. Both are MSFT problems and neither option is acceptable - the user should have control over what they see not the browser or the program being used.
Good to know this was not only my problem...
Yet another solution possible I would like to offer is to add you web site with a star at the beginning in the trusted sites and to remove the check-box of the "require server verification (https:) for all sites in this zone" . wibe site should be like: *.example.com and not https://example.com and you will be surprised to see that the mixed content warning disappears.