I imagine it might just be a poor implementation in IE. It might be doing something stupid like determining that the inclusion of a mimetype is nonsecure. It doesn't make sense that anything could go through http when accessing via https, without a link in your page that points to somewhere else.
To make sure, you could disallow http access to the site completely, and/or block port 80 at your firewall. Otherwise, I'm sure there's a security hole in IE that you could make it think that anything from anywhere is secure. :) Oscar On Tue, 3 Feb 2004, Wendy Smoak wrote: > > From: Oscar Carrillo [mailto:[EMAIL PROTECTED] > > I've noticed this too when including a Flash application. > > I noticed that only IE complains. Mozilla doesn't. Is this > > the same case for you? > > Yes. :( And most of my users are on IE. > > So... Has anyone pinned down what Tomcat is sending that makes IE upset? > I saw a post in the archives where someone thought maybe the text/pdf > header was going in clear text? > > Any thoughts on appropriating the Thawte certificate that Apache is > using and installing it on Tomcat, or is that not really the problem? > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
