On 21 February 2011 14:09, will trillich <[email protected]> wrote: > Nope it's not the javascript. Searching view-source for "http://"; shows only > DOCTYPE, xmlns, <!-- comments --> and links to other/external websites. > The session cookie does show as non-secure, so that's why we're thinking > it's the main culprit. > Otherwise, is there a tool out there that helps discover what Explorer is > griping about when it says "this page contains both secure and nonsecure > items..."?
Hi, It shouldn't matter that it's not a secure cookie - that's just a flag that tells the browser it shouldn't send the cookie back to the same domain on any non-SSL requests. Cookies are sent as part of a request/response for a URL - so it's a URL that's the problem, not a cookie. I recommend you try viewing the page in a browser that will let you see all network requests - e.g. firefox with the firebug plugin running. Carl _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
