We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox is serving my site as HTTPs and this is causing an error on the pages where my site has an iframe - what can I do to solve this?

  • 6 replies
  • 1 has this problem
  • 1 view
  • Last reply by John99

more options

Hi,

We have an application that runs on our site Flagology.com. This iframe application is not secure. On Firefox we have recently noticed that our iframe is not always being served to the customer. See this link: https://www.flagology.com/product/dog-photo-garden-flags/

What other options do we have or what do you recommend to fix this error?

Thank you, Lindsey

Hi, We have an application that runs on our site Flagology.com. This iframe application is not secure. On Firefox we have recently noticed that our iframe is not always being served to the customer. See this link: https://www.flagology.com/product/dog-photo-garden-flags/ What other options do we have or what do you recommend to fix this error? Thank you, Lindsey

All Replies (6)

more options

Your frame src is

http://designer.flymyphoto.com/api_ext.php

which then redirects back to

http://www.flagology.com/wp-content/plugins/woocommerce-realtimedesigner/RTD_templates.php

Since the first server can't handle HTTPS, you're stuck there. Users can make an exception (see attached screen shot), but then Firefox modifies the framed page to

https://www.flagology.com/wp-content/plugins/woocommerce-realtimedesigner/RTD_templates.php

and the images from the other server can't be displayed (woocommerce page uses relative paths so Firefox tries to retrieve them using the same protocol as the framed page).

In short, this part of your site does not work on HTTPS. But why are users getting HTTPS pages instead of HTTP pages?

I don't know if you shop on Amazon much, but they forcibly redirect users from HTTPS to HTTP except during account access and checkout. You might need to do something like that if the intermediary site doesn't support HTTPS.

more options

Hello,

When you have a web page that serves 'Mixed content', where the page itself is served over HTTPS and some part of the page is served over insecure HTTP, Firefox (and other browsers) block the display of the insecure content. The only sensible solution to this problem is to serve everything over HTTPS.

There is an article about this on the Mozilla Developer Network, called 'How to fix a website with blocked mixed content'.

I hope this information was useful.

more options

jscher2000 said

Your frame src is http://designer.flymyphoto.com/api_ext.php which then redirects back to http://www.flagology.com/wp-content/plugins/woocommerce-realtimedesigner/RTD_templates.php Since the first server can't handle HTTPS, you're stuck there. Users can make an exception (see attached screen shot), but then Firefox modifies the framed page to https://www.flagology.com/wp-content/plugins/woocommerce-realtimedesigner/RTD_templates.php and the images from the other server can't be displayed (woocommerce page uses relative paths so Firefox tries to retrieve them using the same protocol as the framed page). In short, this part of your site does not work on HTTPS. But why are users getting HTTPS pages instead of HTTP pages? I don't know if you shop on Amazon much, but they forcibly redirect users from HTTPS to HTTP except during account access and checkout. You might need to do something like that if the intermediary site doesn't support HTTPS.

Hi - by suggesting that we force to HTTP are you suggesting put in a redirect to force HTTP? When I visit Amazon on firefox, it redirects me to HTTPs.

more options

Gert Van Waelvelde said

Hello, When you have a web page that serves 'Mixed content', where the page itself is served over HTTPS and some part of the page is served over insecure HTTP, Firefox (and other browsers) block the display of the insecure content. The only sensible solution to this problem is to serve everything over HTTPS. There is an article about this on the Mozilla Developer Network, called 'How to fix a website with blocked mixed content'. I hope this information was useful.

The developer of the application in the iframe has told us that it is not recommended to serve an iframe over https - is this something you are aware of?

more options

LindseyFlagology said

Hi - by suggesting that we force to HTTP are you suggesting put in a redirect to force HTTP? When I visit Amazon on firefox, it redirects me to HTTPs.

This must be a recent change. For the better, from a privacy perspective. But yes, if your product pages do not work work smoothly on HTTPS, you can redirect to HTTP.

LindseyFlagology said

The developer of the application in the iframe has told us that it is not recommended to serve an iframe over https - is this something you are aware of?

Why not?! Because then you would need to use one of their competitors? HTTPS is the future that is nearly here; they need to get on board.

more options

Update. Sorry I posted without updating the thread first


It works for me ok

If someone tries to open it as https, or possibly you have a link or iframe using https then Firefox's Mixed Content Blocking may be triggered e.g.

Modified by John99