Reputation: 49085
Tools for finding Non SSL resources in web page (firebug like tool)
I'm trying to find a non-SSL resource that is being loaded on my site. This happens occasional where one of us forgets to use the https version of a resource (like some js in a CDN).
My question is there any firebug-like tools to find these "Turds in the punch bowl"? I want my green padlock back :)
Upvotes: 1
Views: 816
Answers (2)
Reputation: 28036
mitm-proxy is great for stuff like this - http://crypto.stanford.edu/ssl-mitm/
You run it on your local machine in a console window, set your browser to use it as a proxy, and you can watch /log everything that your browser requests. It's a little noisy since it shows SSL hand-shaking and file contents, but you can filter that down. When you need to debug SSL communications it's invaluable to see those details though..
mitm-proxy is based on http://grinder.sourceforge.net/g3/tcpproxy.html which has more in the way of scripting capabilities.
Upvotes: 0
Reputation: 122649
Besides Firebug, which you've mentioned, you can use the developer tools in Chrome:
- Tools menu -> Developer Tools
- Go through the list of loaded resources in the Network tab
Alternatively, the HttpFox extension for Firefox can also be useful. It will keep logging the traffic even when you change pages, which may be useful in some cases.
(This is very similar to Firebug.)
Upvotes: 1
Related Questions
- How to find what sources are not using ssl?
- Find out what resources are not going over HTTPS
- How to identify insecure content in Chrome DevTools or Firefox?
- SSL not fully secured (How to find non https links)?
- How do I figure out which parts of a web page are encrypted and which aren't?
- Find non-ssl items on an https page
- How to determine if browser supports https resources
- Any tool available to detect what's not HTTPS on an encrypted page?
- Analyze page to see which resource is not transfered in https
- How to find which element breaks HTTPS on a webpage?