Check for Secure Content References in HTML
The following process ensures that all parts of your pages(s) load securely by removing code that makes them load insecurely.
STEP 1: Open your web editor and inspect your pages for every component type listed in the table below. For example, search the text of the code for the less-than sign and first word, for example <img.
Note: You can ignore any components that begin with the code “<a href="URL">”, since those hyperlinks point not to an object within the page, but to another web page entirely, and are not relevant to the changes you’re making.
Type of page component | HTML element and relevant attribute |
|---|---|
Image elements |
|
Included external CSS stylesheets |
|
Included external Javascript scripts |
|
Embedded Shockwave Flash animations or Java applets |
|
| |
Embedded audio |
|
Embedded video |
|
Inline frame |
|
STEP 2: Once you locate a place where a URL is being specified in the code, make sure it does not specify “http:” at the beginning. If it does, simply remove that part.
For example, if the URL looks something like the following:
http://www.lehigh.edu/~inabc/section/images/newsitem.jpg
change it to://www.lehigh.edu/~inabc/section/images/newsitem.jpg
If there is no “http:”, leave the URL exactly as it is. For example, the following URLs do not need to be changed:/~inabc/section/images/newsitem.jpg
images/newsitem.jpg
Repeat steps 1 and 2 for every occurrence of any of the specified components in the file.
STEP 3: Re-publish your web page(s) after you’ve made your changes. The process is considered complete (for any given page) in the absence of any security errors or messages in the web browser or the browser console.
In addition to using the browser's built-in console, there are a few security-check tools that may help you identify and fix mixed-mode problems: