“Only Secure Content is displayed” warning message when viewing CRM forms with IFRAME

After configuring an existing CRM solution to display some external content inside of IFRAMEs, we had to move the CRM web site from port 80 to SSL. After completing the configuration, we ran into a constant warning message in the browsers:

  • Internet Explorer: “Only Secure Content is displayed” with a button to allow all the content to be loaded
  • Chrome: “This page includes script from unauthenticated sources” with a link to load the unsafe script

The warning is actually indicating an obvious point: when you are running a web site configured for HTTPS/SSL, it makes sense from a security perspective to not display frames or other content that is not secured. The resolution is extremely simple, just move your custom content to a secured web site. The warnings will go away and the content of the frame will be displayed.

On the flip side, you can display secured content even if your CRM website is not configured for HTTPS.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s