Viewing IFRAME independent of whether using HTTP or HTTPS

Question

Let's say I have the following IFRAME. It works fine as long as the browser is viewing the page using HTTP, however, if the browser is viewing the page using HTTPS, it will result in errors, and the IFRAME must be changed to also use HTTPS.

<iframe id="sitePreview" name="sitePreview" src="http://preview.administrator.test6.example.com/index.php?cid=17&amp;preview=1330668404"></iframe>

Without using server script to customize the protocol of the HTML based on the protocol being used to view the page, is it possible to create the URI so that they will work with both HTTP and HTTPS?

Also, please comment if this applies to other links such as:

<img alt="Map" src="http://maps.google.com/maps/api/staticmap?markers=color:blue|31 Milk St Boston MA&amp;zoom=14&amp;size=400x400&amp;sensor=false" class="map">

<script src="http://maps.googleapis.com/maps/api/js?v=3.exp&amp;sensor=false&amp;libraries=places" type="text/javascript"></script>

Answer 1

I think this would work: If(location == "https://whatever.com") { //this is https } Else { //it's http }

Let me know if I didn't get it right and I will recode it.

Answer 2

Keep in mind cross site iframe calls can be tricky, read this article: http://blog.cakemail.com/the-iframe-cross-domain-policy-problem/, however, since it does load, I'm assuming you are including an iframe from the same domain.

To answer your question, simply drop the protocol off the src, you would reference it as:

<iframe id="sitePreview" name="sitePreview" src="//preview.administrator.test6.example.com/index.php?cid=17&amp;preview=1330668404"></iframe>

This will make sure that it will use whatever protocol the parent is using...

You could also hardcode it to https, but that would mean that every request will serve a secure image which creates unnecessary overhead...