{"id":265,"date":"2009-02-15T18:04:35","date_gmt":"2009-02-15T16:04:35","guid":{"rendered":"http:\/\/www.gatellier.be\/blog\/?p=265"},"modified":"2009-04-18T15:50:58","modified_gmt":"2009-04-18T13:50:58","slug":"ie-https-supprimer-alertes-de-securite-en-mode-https","status":"publish","type":"post","link":"https:\/\/gatellier.be\/blog\/ie-https-supprimer-alertes-de-securite-en-mode-https\/","title":{"rendered":"IE: supprimer les alertes de s\u00e9curit\u00e9 en mode https"},"content":{"rendered":"<p>Internet Explorer, dans toutes ses versions, affiche une <strong>alerte de s\u00e9curit\u00e9<\/strong> lorsque l&#8217;on visite une page, servie via le <strong>protocole de s\u00e9curit\u00e9 <acronym title=\"Hypertext Transfer Protocol Secure\">https<\/acronym><\/strong>, si celle-ci contient des ressources servies via le protocole <acronym title=\"Hypertext Transfer Protocol\">http<\/acronym>.<\/p>\n<h3>Alerte de s\u00e9curit\u00e9 sur <acronym title=\"Microsoft Internet Explorer\">IE<\/acronym> &lt; 8.<\/h3>\n<p><a href=\"https:\/\/noscript.be\/demo\/https-mixed-content-warning\/\"><img loading=\"lazy\" decoding=\"async\" src=\"\/\/static.gatellier.be\/i\/090215\/IE7-security-warning.png\" width=\"332\" height=\"150\" alt=\"Capture d'\u00e9cran IE7: Security Information, This page contains both secure and unsecure items. Do you want to display the nonsecure items?\" \/><\/a><\/p>\n<dl>\n<dt><strong>Security Information<\/strong><\/dt>\n<dd>\n<p>This page contains both secure and unsecure items.<\/p>\n<p>Do you want to display the nonsecure items?<\/p>\n<p>[<em>Yes<\/em>] [No] [More Info]<\/p>\n<\/dd>\n<\/dl>\n<p>Ou en fran\u00e7ais&nbsp;:<\/p>\n<dl>\n<dt><strong>Information sur la s\u00e9curit\u00e9<\/strong><\/dt>\n<dd>\n<p>Cette page contient des \u00e9l\u00e9ments s\u00e9curis\u00e9s et non s\u00e9curis\u00e9s.<\/p>\n<p>Souhaitez-vous afficher les \u00e9l\u00e9ments non s\u00e9curis\u00e9s&nbsp;?<\/p>\n<p>[<em>Oui<\/em>] [Non] [Plus d&#8217;infos]<\/p>\n<\/dd>\n<\/dl>\n<h3>Alerte de s\u00e9curit\u00e9 sur IE8b2.<\/h3>\n<p>A l&#8217;heure actuelle, la version finale d&#8217;IE8 n&#8217;est pas encore sortie. J&#8217;ai donc fait des tests sur la version b\u00eata 2.<\/p>\n<p><a href=\"https:\/\/noscript.be\/demo\/https-mixed-content-warning\/\"><img loading=\"lazy\" decoding=\"async\" src=\"\/\/static.gatellier.be\/i\/090215\/IE8-security-warning.png\" width=\"456\" height=\"162\" alt=\"Capture d'\u00e9cran IE8b2: Security Warning, Do you want to view only the webpage content that was delivered securely?\" \/><\/a><\/p>\n<dl>\n<dt><strong>Security Warning<\/strong><\/dt>\n<dd>\n<p><strong>Do you want to view only the webpage content that was delivered securely?<\/strong><\/p>\n<p>This webpage contains content that will not be delivered usin a secure HTTPS connection, which could compromise the security of the entire webpage.<\/p>\n<p>[More Info] [<em>Yes<\/em>] [No]<\/p>\n<\/dd>\n<\/dl>\n<p>Notez la tournure de la phrase qui est completement l&#8217;inverse du message de s\u00e9curit\u00e9 des versions pr\u00e9c\u00e9dantes&#8230;<\/p>\n<h3>Examples d&#8217;alerte de s\u00e9curit\u00e9.<\/h3>\n<h4>D\u00e9monstration.<\/h4>\n<p>J&#8217;ai mis en place une <a href=\"https:\/\/noscript.be\/demo\/https-mixed-content-warning\/\"><strong>page d\u00e9montrant cette popup de s\u00e9curit\u00e9<\/strong><\/a>. Je sais que le certificat n&#8217;est pas valable pour le domain, d&#8217;o\u00f9 la premi\u00e8re alerte.<\/p>\n<p>Cette page est servie via le protocole s\u00e9curis\u00e9 https et contient un lien vers une image servie via http.<\/p>\n<p>Sur Internet Explorer, vous devriez avoir le message d&#8217;alerte ci-dessus.<\/p>\n<h4>Code.<\/h4>\n<pre class=\"brush: xml; title: ; notranslate\" title=\"\">\r\n&lt;div&gt;\r\n&lt;img src=&quot;\/\/noscript.be\/demo\/https-mixed-content-warning\/404.jpg&quot; alt=&quot;Un chat dans un pc d\u00e9mont\u00e9&quot; title=&quot;src: \/\/www.catswhocode.com\/blog\/404&quot; \/&gt;\r\n&lt;\/div&gt;\r\n<\/pre>\n<h3>Supprimer l&#8217;alerte de s\u00e9curit\u00e9 une fois pour toute.<\/h3>\n<p>Il y a plusieurs solutions pour cela. Dont une consiste \u00e0 <a href=\"\/\/ask-leo.com\/can_i_get_rid_of_the_this_page_contains_both_secure_and_nonsecure_items_warning.html\" hreflang=\"en\">changer les param\u00e8tres d&#8217;IE<\/a>.<\/p>\n<p>Je me vois mal conseiller \u00e0 mes clients de changer leurs param\u00e8tres.<\/p>\n<p>La seule solution est d&#8217;employer correctement le <a href=\"\/\/tools.ietf.org\/html\/rfc1738#page-5\" lang=\"en\" hreflang=\"en\">Common Internet Scheme Syntax<\/a>, en <strong>supprimant le protocole<\/strong>.<\/p>\n<h4>D\u00e9monstration.<\/h4>\n<p>Dans cet exemple, le <a href=\"https:\/\/noscript.be\/demo\/https-mixed-content-warning\/fix.htm\"><strong>protocole https du lien vers l&#8217;image \u00e0 simplement \u00e9t\u00e9 supprim\u00e9<\/strong><\/a>.<\/p>\n<p>Le message de s\u00e9curit\u00e9 n&#8217;appara\u00eet plus.<\/p>\n<h4>Code.<\/h4>\n<pre class=\"brush: xml; title: ; notranslate\" title=\"\">\r\n&lt;div&gt;\r\n&lt;img src=&quot;\/\/noscript.be\/demo\/https-mixed-content-warning\/404.jpg&quot; alt=&quot;Un chat dans un pc d\u00e9mont\u00e9&quot; title=&quot;src: \/\/www.catswhocode.com\/blog\/404&quot; \/&gt;\r\n&lt;\/div&gt;\r\n<\/pre>\n<p>Notez que la m\u00eame technique est d&#8217;application pour les fichiers <code>.swf<\/code> que vous pourriez avoir dans vos pages s\u00e9curis\u00e9es.<\/p>\n<pre class=\"brush: xml; title: ; notranslate\" title=\"\">\r\n&lt;OBJECT classid=&quot;clsid:D27CDB6E-AE6D-11cf-96B8-444553540000&quot;\r\ncodebase=&quot;\/\/download.macromedia.com\/pub\/shockwave\/cabs\/flash\/swflash.cab#version=6,0,40,0&quot;\r\nWIDTH=&quot;550&quot; HEIGHT=&quot;400&quot; id=&quot;myMovieName&quot;&gt;\r\n&lt;PARAM NAME=movie VALUE=&quot;myFlashMovie.swf&quot;&gt;\r\n&lt;PARAM NAME=quality VALUE=high&gt;\r\n&lt;PARAM NAME=bgcolor VALUE=#FFFFFF&gt;\r\n&lt;EMBED src=&quot;\/support\/flash\/ts\/documents\/myFlashMovie.swf&quot;quality=high bgcolor=#FFFFFF WIDTH=&quot;550&quot; HEIGHT=&quot;400&quot;\r\nNAME=&quot;myMovieName&quot; ALIGN=&quot;&quot; TYPE=&quot;application\/x-shockwave-flash&quot;\r\nPLUGINSPAGE=&quot;\/\/www.macromedia.com\/go\/getflashplayer&quot;&gt;\r\n&lt;\/EMBED&gt;\r\n&lt;\/OBJECT&gt;\r\n<\/pre>\n<p><small>code vu sur la <a href=\"\/\/kb.adobe.com\/selfservice\/viewContent.do?externalId=tn_4150\" hreflang=\"en\">base de connaissance Macromedia<\/a><\/small><\/p>\n<p>J&#8217;ai enlev\u00e9 le protocole http de l&#8217;attribut <code>codebase<\/code> du tag <code>object<\/code>.<\/p>\n<p>Maintenant, ceux qui utilisent encore Internet Explorer (et qui devraient vraiment <a href=\"\/\/getfirefox.com\/\">essayer<\/a> <a href=\"\/\/www.apple.com\/safari\/\">un<\/a> <a href=\"\/\/www.opera.com\/\">meilleur<\/a> <a href=\"\/\/www.google.com\/chrome\/\">browser<\/a>) n&#8217;ont plus de raisons de se plaindre de ces messages d&#8217;alerte&nbsp;!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Internet Explorer, dans toutes ses versions, affiche une alerte de s\u00e9curit\u00e9 lorsque l&#8217;on visite une page, servie via le protocole de s\u00e9curit\u00e9 https, si celle-ci contient des ressources servies via le protocole http. Voici comment les supprimer une fois pour toute.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[71,87,30,63,39,113,10,84],"tags":[114,92,116,117,115,118],"class_list":["post-265","post","type-post","status-publish","format-standard","hentry","category-bonnes-pratiques","category-browsers","category-code","category-debogage","category-flash","category-internet-explorer","category-tutorial","category-webstandards","tag-https","tag-ie","tag-scheme","tag-security","tag-url","tag-warning"],"_links":{"self":[{"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/posts\/265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/comments?post=265"}],"version-history":[{"count":0,"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/posts\/265\/revisions"}],"wp:attachment":[{"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/media?parent=265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/categories?post=265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gatellier.be\/blog\/wp-json\/wp\/v2\/tags?post=265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}