"Only secure content is displayed" in IE - can't resolve

Question

The website I work on has a bunch of PDF docs that load within an iframe in a popup window. I can't get any of the docs to open in IE because of the message 'only secure content is displayed'. When I click 'show all content' the popup closes so the doc never shows.

I know I can disable this client side, but the problem is that we have a lot of users, and don't expect them all to disable this option within IE themselves, so it needs to be fixed server side really.

Having done a bit of research I've come to the conclusion that this happens because the website I work on is a secure one (https), but the PDF docs which get loaded in the iframe are loaded from a different, unsecure site. I can't just add https to the link or the PDFs don't load. So I somehow need to trick IE into thinking it's loading a secure bit of content when it's not.... I think..

Can anyone enlighten me further on this, and maybe suggest a solution :D

Thanks

Answer 1

You need to place the PDF from the https. Else, you need to read the PDFs from the offsite URL and then binary write it from a https server script.

Answer 2

One solution would be to create a backend servlet/CGI script in your application that will serve as a wrapper for the static content hosted in the other site. This way your content will be delivered securely.

You might be able to do this from your webserver too, if you have access to its configuration.