Security with an IFrame of https site in a non-https site

Page 1 of 1

1 Replies - 348 Views - Last Post: 09 June 2012 - 03:02 AM

#1 icedd  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 5
  • View blog
  • Posts: 98
  • Joined: 04-March 08

Security with an IFrame of https site in a non-https site

Posted 05 June 2012 - 07:52 AM

Hi guys,

I'm wondering if their are security issue with the following.

I have a website that I'm working on. http://Cardp.ca (with NO SSL). They have a registration form on a seperate url with sensitive information, https://cardpregister.com (has SSL). Until I remake the Secure form and add an SSL on http://cardp.ca , is their any security issue if:

On a page in http://cardp.ca I make an iframe of https://cardpregister.com so users can feel like they are still on cardp.ca in the mean time?

Thanks for any input,
Mods - Sorry if this is the wrong location :D

Icedd

Is This A Good Question/Topic? 0
  • +

Replies To: Security with an IFrame of https site in a non-https site

#2 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3115
  • View blog
  • Posts: 4,675
  • Joined: 08-June 10

Re: Security with an IFrame of https site in a non-https site

Posted 09 June 2012 - 03:02 AM

That shouldn't be a problem. The browsers won't let you interact with the contents of an iframe, unless it's source matches the URL of the main page. That is, unless the domain name, the protocol (http and https would be different protocols) and the port are the same.
Was This Post Helpful? 0
  • +
  • -
Page 1 of 1