External HTTP URLs for an HTTPS site

We have a Magento 2 site hosted on Linode with NGINX as the webserver.

Our webpages have external HTTP iFrame URLs inside of our HTTPS site. Since they are not secure most browsers will not show these iFrame links. We are trying to determine what the best solution is to serve these external links over HTTPS.

2 Replies

In order for the content on a HTTPS URL to load, the browser requires that all of the content on the page is accessed over HTTPS. This is to prevent the possibility of accessing a page via HTTPS, while the content is accessed insecurely, thus giving the visitor the false impression of security.

I would suggest reaching out to the website administrator to determine if there are HTTPS URLs for the content you want to include. Alternatively, it may be possible for your website to periodically check those insecure URLs, and store the content on your webserver, so that the content can be provided on an HTTPS URL. For example, RSS was popular and may still be in use, or screen-scraping may be a solution.

However, you may want to investigate why you need content from another website displayed on your own website. Would it be possible to host your own copy of the content? Without knowing more about the content and what you're using it for, it sounds like this would be a discussion between your website administrator and the website administrator for the remote website, to find a solution that is good for everyone.

@jgreen unfortunately we cannot download that content and serve it from our secure server because its a proprietary video player in an iFrame that hides the source files of the video.

we did try to get the owner of the iFrame videos to server them over HTTPS but they are refusing sadly. Hence we are trying to find some sort of solution. We did find the following which we have not tried:


  1. You can try with google proxy:


  1. Create your own redirect script on an https page you control (a simple javascript redirect on a relative linked page should do the trick. Something like: (you can use any language/method)

https://example.com That has an iframe linking to…

https://example.com/utilities/redirect.html Which has a simple js redirect script like…

document.location.href ="http://thenonsslsite.com";


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct