Recently one of my friends asked me to check his e-shop on the fact that upon entering the SSL page, the buyer has received popup with message “Do you want to display the nonsecure items?” that and probably because of this message some buyers simply closes the browser window and leave the store without buying anything.

I immediately realized that most likely this popup message refers to some sort of forgotten images that appealed directly to http path, and of course I agreed to help him. But after half an hour I realized that I was mistaken … all images loaded via SSL and nothing was pointed to http path directly. After several tests with fidler I realized that the problem is not so simple.

After several tests and few cups of coffee the problem was solved, and as luck would have it proved to be quite trivial thing …
When flash object added to page there several default parameters added by default like “pluginspage” or “codebase” with pointing to adobe site throw http that may be interpreted as internet explorer as a request to the HTTP page. After simple change this problem was solved.

So if you encounter a similar problem simple change will help to solve this problem. For example:

from: pluginspage = “http:/ / www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash”

to: pluginspage = “/ / www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash”