[Catalyst] Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)

Ashley Pond V apv at sedition.com
Mon Feb 21 14:38:49 GMT 2011

On Mon, Feb 21, 2011 at 6:11 AM, will trillich
<will.trillich at serensoft.com> wrote:
> That's a neat trick -- hadn't heard of that one before. But the javascript
> isn't our "nonsecure-items" problem.

Protocol free // isn't a javascript specific technique while we're on
it. It simply means use the protocol that's currently in action. It
will work for images and such as well as long as your server can send
them secured. This technique was gaining traction 10 years ago but
doesn't seem to get much use today.

More information about the Catalyst mailing list