Looking for a HTTPS/HTTP mixed content "sniffer" tool
I am hoping someone here can help me out. I am looking for a tool/addon that can point out exact what on the page is triggering a mixed content error. The browser will tell me that something on the page is not secure, but it won't tell me where or what the non secure item is so I can fix it.
Here is my recent example of this problem. I had a issue with a HTTPS page with a doubleclick tracking pixel on it. It was a standard tracking pixel iframed on to the page and the page iframed was HTTPS with no cert problems. It turned out that the page being iframed has a javascript call that was HTTP and this was triggering the mixed content error.
Unfortunately it took me almost two days to figure out the page being iframed was making the non-ssl call, not anything on the site.
If anyone here could help me find a tool or point to a browser feature that I don't know about that could help me sniff out these mixed content error faster you would make my life so much easier.
Solução escolhida
You can glean a little more information from Firefox's Browser Console (Ctrl+Shift+j). Mixed content blocks generate a log entry in the security category. If you enter mix in the filter box in the upper right of the console, that should help drill down on the message. (Screen shot example attached.)
Now... you still need to figure out what is generating the request, but hopefully this will help.
Ler esta resposta 👍 1Todas as respostas (3)
Solução escolhida
You can glean a little more information from Firefox's Browser Console (Ctrl+Shift+j). Mixed content blocks generate a log entry in the security category. If you enter mix in the filter box in the upper right of the console, that should help drill down on the message. (Screen shot example attached.)
Now... you still need to figure out what is generating the request, but hopefully this will help.
Thank you so much! This will really help me narrow down the mixed content issues.