I'm having significant difficulty locating the root cause for a secure/insecure message comming from IE. I've looked through the entire output and there are NO references to http:
I've searched for unsource Iframes, which cause this message, and there are none and other than jquery 1.4 there isn't even the text "iframe" in the source.
I'm almost at an end trying the cause for this. 开发者_开发问答Does anyone have any ideas
Once again Evil has been "destroyed".
Problem was caused by src attribute on a dynamic script tag created by coverflow (http://www.jacksasylum.eu/ContentFlow/). setting the removing src attribute bombed script (most likely why it was put there). setting the attribute to blank bombed script (most likely why it was put there). setting the attribute to an existing file... hurray.
Long story short. Both IFrame and Script src attributes are assumed to be insecure and are not bypassed by using a "javascript:" call
I found a fix somewere else.
Replace the line 149 whith:
document.write("<script id=__ie_cf_onload defer src='blank_do_not_delete.js'><\/script>");
You will had to create the blank_do_not_delete.js file
Have you looked for img tags that reference non-HTTPS items?
You could run a fiddler trace and see what requests are being made.
精彩评论