Unauthenticated content warning on Members' Facilities pages

Queries, errors or glitches regarding Exetel's public web site
Post Reply
smithi
Posts: 47
Joined: Wed May 30, 2007 1:21 am
Location: Mountain Top

Unauthenticated content warning on Members' Facilities pages

Post by smithi » Wed Mar 28, 2012 11:06 pm

Hi,

only noticed this tonight, can't be certain but I think I'd have noticed before; in any case it's very recent.

Mozilla (seamonkey) shows the main page https://www.exetel.com.au/members/home.php and most (but not all) of its subpages showing a red broken padlock on its status line, mouseover saying 'Warning: contains unauthenticated content', clicking which brings up the Page Info / Security tab stating:

"Connection partially encrypted
Parts of the page you are viewing were not encrypted before being transmitted over the internet.
Information sent over the internet without encryption can be seen by other people while it is in transit."

I had a quick look through the (received) page source but nothing jumped out at me - not claiming too much expertise, nor time spent :) If I was a betting man I'd put money on some broken Javascript ..

cheers, Ian

LATER EDIT ..

Ok, after restarting my browser after a week or two running, this isn't happening anymore, so it likely was broken Javascript - on my end. Weird and unusual. Pardon the noise, delete at will .. Ian

User avatar
Dazzled
Volunteer Site Admin
Posts: 6003
Joined: Mon Nov 13, 2006 1:16 pm
Location: Sydney

Re: Unauthenticated content warning on Members' Facilities p

Post by Dazzled » Thu Mar 29, 2012 9:48 am

It's not Javascript. Seamonkey itself follows up the certificate at the point of connection - see under Security Features at http://www.seamonkey-project.org/legal/privacy. You may have inadvertently turned this feature off. If it happens again with the browser not picking it up, an easy way to check a site's certificate is with openssl.

smithi
Posts: 47
Joined: Wed May 30, 2007 1:21 am
Location: Mountain Top

Re: Unauthenticated content warning on Members' Facilities p

Post by smithi » Thu Mar 29, 2012 3:11 pm

Dazzled wrote:It's not Javascript. Seamonkey itself follows up the certificate at the point of connection - see under Security Features at http://www.seamonkey-project.org/legal/privacy. You may have inadvertently turned this feature off. If it happens again with the browser not picking it up, an easy way to check a site's certificate is with openssl.
Thanks Daz,

I've never had OCSP validation turned on, but am set to notice encr/unencr mix, usually only seen on relatively dodgy sites, which is why I was surprised. Seamonkey isn't perfect (understatement!) and after a busy few days with a zillion tabs often needs restarting due to having leaked too much memory, but I'd not seen this behaviour before. There was nothing to indicate it was a cert problem, if it was, and I'm putting it down as a mystery not worth chasing, but I will try restarting it before reporting apparent errors next time :)

cheers, Ian

Post Reply