How to turn off the "Do you want to view only the webpage content that was delivered securely?" security warning in IE8

Monday, July 13, 2009
A common question I hear from users of Internet Explorer 8 is, "How do I disable the 'Do you want to view only the webpage content that was delivered securely' in IE8?", as shown below.

Before I explain how, you should understand what it's warning you about. You will see this warning whenever HTTP (non-secured) elements are displayed on an HTTPS (secured) web page, which means these elements are not encrypted. Typically, these elements are just embedded images, but they could also be areas of the page where information can be entered.

By clicking Yes (the default), you will only see the secure areas of the page and will know what areas are secured. If you disable the warning, you will not know which (if any) of the elements are the page are not secured.

To disable the security warning, follow these steps:

  • Click Tools > Internet Options
  • Click the Security tab
  • Click the Internet zone and click the Custom Level button
  • Scroll down to the Miscellaneous area and change Display mixed content (shown on the left) from Prompt to Enable
  • Click OK

5 comments:

  1. as the page provider, how do I code my page not to cause this?

    ReplyDelete
  2. I change this setting so my Internet and Trusted Sites zones both have "Display mixed content" set to Enabled, but I still receive this warning when I log into Outlook Web Access 2003. I've ensured that the setting is Enabled, gracefully closed all IExplore.exe processes, then re-opened and verified the setting was rememebered. Any ideas?

    ReplyDelete
  3. Hmmm. I just tested it on a newly installed IE8 and it works fine against Exchange 2007 and Exchange 2010 installations of OWA. Try completing the same setting for Trusted Sites, as your OWA server may be in that zone.

    ReplyDelete
  4. Hi Jeff,

    Is there no possibility to tell der IIS-Server of OWA not to mix these contents.
    Manipulating all Windows clients of my remote User is not really an confortable option.

    Thanks,

    Anton Seitz
    puckit.de

    ReplyDelete
    Replies
    1. Hi Anton,

      You can configure this through Group Policy to affect all domain users. See http://technet.microsoft.com/en-us/library/bb457144.aspx.

      Delete

Thank you for your comment! It is my hope that you find the information here useful. Let others know if this post helped you out, or if you have a comment or further information.