6 {{ upvoteCount | shortNum }}
6 {{ upvoteCount | shortNum }}

Can a NON-SSL iframe be modified to work on an SSL site?

by magentawave
6 replies
I have a site where the entire site is SSL. I need to add an iframe to a few pages of my ssl site but the url in the iframe is NOT ssl which means there is a big blank space on the ssl page where the non-ssl iframe is supposed to be.

I just finished a chat with Hostgator and the person "believe" that a non-ssl iframe could be modified to work on my ssl site.

Is it possible to make a non-ssl iframe work on an ssl site?

Here's the iframe code:
Code:
<iframe width="255" frameborder="0" height="698" src="http://sfh.easywebinar.com/wp-content/plugins/webinar_plugin/get-widget.php?wid=1&w=240&h=698&color=undefined&ver=1&redirect_opt=1" style="border:0px;"></iframe>
#iframe #modified #nonssl #site #ssl #work
  • Profile picture of the author MoneyTalksBack
    Originally Posted by magentawave View Post

    I have a site where the entire site is SSL. I need to add an iframe to a few pages of my ssl site but the url in the iframe is NOT ssl which means there is a big blank space on the ssl page where the non-ssl iframe is supposed to be.

    I just finished a chat with Hostgator and the person "believe" that a non-ssl iframe could be modified to work on my ssl site.

    Is it possible to make a non-ssl iframe work on an ssl site?

    Here's the iframe code:
    Code:
    <iframe width="255" frameborder="0" height="698" src="http://sfh.easywebinar.com/wp-content/plugins/webinar_plugin/get-widget.php?wid=1&w=240&h=698&color=undefined&ver=1&redirect_opt=1" style="border:0px;"></iframe>
    Magentawave,

    The only way I've seen this done is when the page the iframe is referring to has https forced with a valid SSL as well.

    What happens when you have an SSL on your site is that it looks for any links or file paths that don't have a valid https. When it finds a link or frame that is "unsecured" it either throws an error in the SSL cert itself in the browser or blocks the iframe from appearing all together.
    {{ DiscussionBoard.errors[10823764].message }}
    • Profile picture of the author magentawave
      Originally Posted by MoneyTalksBack View Post

      Magentawave,

      The only way I've seen this done is when the page the iframe is referring to has https forced with a valid SSL as well.

      What happens when you have an SSL on your site is that it looks for any links or file paths that don't have a valid https. When it finds a link or frame that is "unsecured" it either throws an error in the SSL cert itself in the browser or blocks the iframe from appearing all together.
      So, in other words, there's no way to modify a non-ssl iframe to work on an ssl site without producing an error?

      Thanks
      {{ DiscussionBoard.errors[10824032].message }}
      • Profile picture of the author fmaster
        Originally Posted by magentawave View Post

        So, in other words, there's no way to modify a non-ssl iframe to work on an ssl site without producing an error?

        Thanks
        I suggest to create your own local php script/page on your server that will retrieve with Curl or file_get_contents the remote content you need. The php script will then print the content and you can such url include in your iframe. Everything will be on https then, so no browser errors.

        example:

        Code:
        <?
echo file_get_contents('http://www.example.com/');
?>
        {{ DiscussionBoard.errors[10824049].message }}
        • Profile picture of the author magentawave
          Originally Posted by fmaster View Post

          I suggest to create your own local php script/page on your server that will retrieve with Curl or file_get_contents the remote content you need. The php script will then print the content and you can such url include in your iframe. Everything will be on https then, so no browser errors.

          example:

          Code:
          <?
echo file_get_contents('http://www.example.com/');
?>
          I can do pretty much anything in a cpanel if I have simple instructions written in plain language, but that went way over my head. I don't suppose you'd care to lay that out step-by-step, please?

          I just found a page that explains how to exclude certain pages from SSL on an SSL site using his $20 plugin: https://really-simple-ssl.com/knowle...one-page-only/
          {{ DiscussionBoard.errors[10824063].message }}
          • Profile picture of the author fmaster
            Sure, you can exclude some of your pages from ssl with that guide. Then running non ssl remote page in iframe will not be a problem. On the other hand the question is if you can edit the apache's config files via cpanel.
            This will be a much easier solution then write some php proxy script.
            {{ DiscussionBoard.errors[10824089].message }}
  • Profile picture of the author magentawave
    Would you be willing to explain how to do your method, please?
    {{ DiscussionBoard.errors[10824122].message }}

Trending Topics