Allowing http content inside https site

Question

I have project hosted using https and i wanted to show http content inside an iframe. But my problem is when i load the site inside the http nothing shown on the page accept a warning "The page is trying to load script from unauthenticated sources".

<iframe id="demoSite" src="{{$product->demo_url}}" frameborder="0" width="100%" height="100%">
</iframe>

Many people will find this as an accepted answer. But in 2018 it doesn't give you the right answer. If you have doubt see the comments below of the post. How to allow http content within an iframe on a https site

So anybody have the solution please help me to solve it. Thanks

score 2 · Answer 1 · answered Jan 26 '18 at 17:51

As Joe stated, you can't.

And there are really good reasons for that. I still believe you can do it if you proxy the request trough your own secure server.

I advise against it, but in theory, you can create a service to serve the insecure content trough a 'safe' connection:

https://example.com/proxy-the-iframe?unsafe-url=http://yourunsafecontenthere.com

That's just bringing unsafe content into your website though.

The best option is: Don't use http inside https, or use http and accept the unsafe origin of the iframe.

will a proxy server help? – kakakakakakakk Aug 31 '21 at 19:00 — kakakakakakakk, Aug 31 '21 at 19:00

Allowing http content inside https site

1 Answers1