dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
517
share rss forum feed


GeekNJ
Premium
join:2000-09-23
Waldwick, NJ
Reviews:
·Optimum Online
·Verizon FiOS

NOSCRIPT tag and HTTPS - Browser Behavior

I came across some code that was provided to me to be implemented that I see different browser behavior on and was wondering if anyone has a reference that might help.

If a page is viewed as HTTPS in a browser, it looks like IE and FF ignore references in a NOSCRIPT tag if Javascript is enabled in the browser and doesn't alert the browser/site visitor. Google Chrome seems to flag the HTTP reference in the NOSCRIPT tag as non-secure making the entire page appear non-secure, though it would never execute the reference.

Yes, I know I would make the reference HTTPS but was wondering if there's any document referencing how various browsers handle this situation?

Example code:
<noscript>
<img src="http://www.somedomain.com//H.24.1--NS/0" height="1" width="1" border="0" alt="" />
</noscript>
 

Do you think IE and FF are handling it properly and Chrome isn't or visa-versa?

--
Tweaked your connection? | Mail Parse | Speed Converter


cdru
Go Colts
Premium,MVM
join:2003-05-14
Fort Wayne, IN
kudos:7
said by GeekNJ:

Do you think IE and FF are handling it properly and Chrome isn't or visa-versa?

I'm too lazy to test it right off hand, but I would be curious to know if Chrome requests the image or confirm that IE/FF does not request it.

From a strict standpoint, I'd imagine that Chrome's behavior, as long as it doesn't request the content and is just flagging it merely because it has a non-secure link, is the "correct" one although I'm not sure if the specs would specify the "correct" behavior.


GeekNJ
Premium
join:2000-09-23
Waldwick, NJ
Reviews:
·Optimum Online
·Verizon FiOS
I'm a bit perplexed right now as Chrome is no longer showing the alert that the page has non-secure elements on it, though the page is 100% the same and unchanged. I can only guess that there was something cached locally causing Chrome to consider a non-secure reference. I just can't replicate now.
--
Tweaked your connection? | Mail Parse | Speed Converter