I'm my example it was the other way around. You load an insecure page over HTTP without triggering any visible warning. And then you load a secure iframe over HTTPS with a login form and this triggers the "Not secure"…
You are correct about that. I think that the main problem with iframes (and frames in general) is that it's impossible for the user to check in an easy way where they originates from. If the URL bar would automatically…
Opening up a secure HTTPS iframe (for example from another domain) on a non-secure HTTP website labels the entire site as "Not Secure". This will generate an unnecessary warning to the user when the login form or the…
I'm my example it was the other way around. You load an insecure page over HTTP without triggering any visible warning. And then you load a secure iframe over HTTPS with a login form and this triggers the "Not secure"…
You are correct about that. I think that the main problem with iframes (and frames in general) is that it's impossible for the user to check in an easy way where they originates from. If the URL bar would automatically…
Opening up a secure HTTPS iframe (for example from another domain) on a non-secure HTTP website labels the entire site as "Not Secure". This will generate an unnecessary warning to the user when the login form or the…