Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Saber mais

Esta discussão foi arquivada. Se precisar de ajuda, por favor, coloque uma nova questão.

false security warning on login forms within an iframe

  • 1 resposta
  • 1 tem este problema
  • 163 visualizações
  • Última resposta por samuelcolvin
  • Arquivadas

samuelcolvin
samuelcolvin

I have a login form which uses an iframe to insulate the password from the rest of the app.

All content both in the parent window and the iframe is loaded over https, however I'm still getting the "This content is not secure..." message.

Why is this?

The iframe is loaded with `sandbox="allow-forms allow-scripts"` eg. without Same-Origin (This is to prevent code running in the parent window introspecting the login form to find passwords).

Could this be the cause of the problem? If so, is it intentional, could it be documented or fixed?

I have a login form which uses an iframe to insulate the password from the rest of the app. All content both in the parent window and the iframe is loaded over https, however I'm still getting the "This content is not secure..." message. Why is this? The iframe is loaded with `sandbox="allow-forms allow-scripts"` eg. without Same-Origin (This is to prevent code running in the parent window introspecting the login form to find passwords). Could this be the cause of the problem? If so, is it intentional, could it be documented or fixed?

Todas as respostas (1)

samuelcolvin
samuelcolvin Proprietário da pergunta

For some reason my attached screenshot didn't come through the first time, see attached.

URL is https://events.handsupfoundation.org/login/