Warning : The page index.html ran insecure content

Question

I deployed my application on google appe engine. My web site use Dojo with the template claro. When I run \"google chrome inspection\", I see a lot of warning when I navigat

Answer 1

Chrome Inspection validates only client side code, not server side. So, server configuration in appengine-web.xml/web.xml doesn't matter here.

At this case it says that your html is using some external code, from other sites, that can be insecure. It not a big problem, btw. But if you wish, you can copy this files (claro.css and dojo.xd.js) to your own site to fix this issue.

Answer 2

what if the site doesn't support https?? For instance, I'm sending the request to world bank, which only supports http?

EDIT: on chrome, click the "shield" icon on the right of the address bar.

Answer 3

If your page is always accessed by secure url (https) then you might try accessing the secure versions of those include files. I think you can just use https: in place of http: in the url for those two files.

If you want to get fancy, you can check to see if the page is secure and pick either the secure or non-secure version of the link. I can post a sample of that if you need it.

Addendum: To save people time, I am posting @mercator's superior solution here:

No need to get fancy. If you want to pick the secure or non-secure version depending on whether your own site is secure, you can use a protocol-relative link. E.g. //ajax.googleapis.com/ajax/libs/dojo/1.5/dojo/dojo.xd.js