Blocked loading mixed active content

Question

I am getting these warnings in my console and my script is not working fine

Blocked loading mixed active content "http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css"

Here is the screenshot:

enter image description here

How can I fix these warnings?

My Scripts:

<script type="text/javascript" src="http://malsup.github.io/jquery.blockUI.js"> </script>
<link rel="stylesheet" href="http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css">

My firefox Version is 25.0.1. This issue is also coming on Chrome — Hassan Sardar, Dec 16 '13 at 07:26
possible duplicate of [Why am I suddenly getting a "Blocked loading mixed active content" issue in Firefox?](http://stackoverflow.com/questions/18251128/why-am-i-suddenly-getting-a-blocked-loading-mixed-active-content-issue-in-fire) — Appulus, May 04 '15 at 09:04

score 54 · Accepted Answer · answered Dec 16 '13 at 07:26

54

Use this code to include your cdn files : Use https protocol in your url :

<link rel="stylesheet" href="https://code.jquery.com/ui/1.8.10/themes/smoothness/jquery-ui.css" type="text/css">
<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.ui/1.8.10/jquery-ui.min.js"></script>

Or this pattern :

<link rel="stylesheet" href="//code.jquery.com/ui/1.8.10/themes/smoothness/jquery-ui.css" type="text/css">
<script type="text/javascript" src="//ajax.aspnetcdn.com/ajax/jquery.ui/1.8.10/jquery-ui.min.js"></script>

answered Dec 16 '13 at 07:26

Vahid Taghizadeh

997
8
9

Also, this SO question (2nd answer) includes everything you need to know on urls. – padawanTony Jul 27 '16 at 18:11
1

So, if I have domain - which serve static files (.js, .css) with nonssl, is // still working? In your post, I just see the domain code.jquery.com has a both http and https – tquang Jun 23 '17 at 03:35

score 17 · Answer 2 · answered Dec 16 '13 at 07:28

When a user visits a page served over HTTP, their connection is open for eavesdropping and man-in-the-middle (MITM) attacks. When a user visits a page served over HTTPS, their connection with the web server is authenticated and encrypted with SSL and hence safeguarded from eavesdroppers and MITM attacks.

However, if an HTTPS page includes HTTP content, the HTTP portion can be read or modified by attackers, even though the main page is served over HTTPS. When an HTTPS page has HTTP content, we call that content “mixed”. The webpage that the user is visiting is only partially encrypted, since some of the content is retrieved unencrypted over HTTP. The Mixed Content Blocker blocks certain HTTP requests on HTTPS pages.

Got this from Blog

score 4 · Answer 3 · edited May 23 '17 at 11:54

4

This is a duplicate of Why am I suddenly getting a "Blocked loading mixed active content" issue in Firefox? which contains a perfect and concise answer:

The page displayed with HTTPS is calling contents over HTTP. This can be corrected by calling the page itself over HTTP or having the page to call its (probably dynamic) content with the same protocol as it was called itself.

edited May 23 '17 at 11:54

Community

1
1

answered Sep 29 '14 at 10:21

Dirk

267
2
10

score 3 · Answer 4 · answered Jul 16 '15 at 14:19

3

This kinds of issue will come up if you view the page as SSL. You need to modify your reference as https or else start the url as // so that you will avoid this issue.

answered Jul 16 '15 at 14:19

Lalnuntluanga Chhakchhuak

658
7
10

Its very help full . Thank You! – khush Jan 12 '23 at 04:29

Blocked loading mixed active content

4 Answers4

Linked