dorsetdigital

The other way is, "yes, we can include this non-secure information in our secure site. It'll take a day of development and a day of testing to build a local proxy" 🙂

kinglozzer

The way we’ve communicated this to clients in the past is: you don’t want to make your site less secure, just because someone else is too lazy to set up HTTPS 😄

dorsetdigital

Given that SSL is free these days, there's really not much of a reason to not install a certificate

vanny

client has been trying that for 3 years, they refuse to

kinglozzer

Well, the best solution is to annoy whoever controls the iframe contents until they install an SSL certificate 😜

😂 (1)
vanny

and use absolute links for all pages and default it to https:// unless i flagged non

vanny

ok, so I have to write some crazy link check

kinglozzer

@vanny The short answer is no, the longer answer is… only if you proxy them 😛