issue with mixed content in google chrome

747 views
Skip to first unread message

Thapa, Padam

unread,
Mar 25, 2022, 10:35:09 AM3/25/22
to securi...@chromium.org

Hi,

 

We are facing issue with mixed content in SAP site where clicking a hyper link which should opens content from another SAP server in new browser windows is not working and getting Not Secure error.

 

 

We have implemented GPO setting InsecureContentAllowedForUrls and added the SAP URLs but still getting the same error. If we downgrade to v83 then its working fine.

 

Please let us know why the GPO setting is not taking effect for version higher than 83.

 

 

Regards,

Padam Thapa

System Consultant

Timken Engineering & Research India Pvt. Ltd.

 

T +91-41362000

39-42, Electronic City Phase1

Bangalore, Karnataka-560201

 

   Stronger. By Design.

 

Carlos IL

unread,
Mar 25, 2022, 11:17:35 AM3/25/22
to Thapa, Padam, securi...@chromium.org
Hi Padam,

Are you getting any console errors in developer tools?
The "Not Secure" warning is expected when loading mixed content via the policy, so that part is working as intended.

-Carlos

Thapa, Padam

unread,
Mar 25, 2022, 12:56:22 PM3/25/22
to Carlos IL, securi...@chromium.org

Hi Carlos,

 

When we click some reference number which is a hyperlink that’s opens content from another SAP server, then we get Not secure error and page doesn’t open.

 

Google has given ADMX file for chrome using which we have set the GPO setting “InsecureContentAllowedForUrls” and included both SAP server URL but still hyperlink page doesn’t open.

 

 

Regards,

Padam Thapa

System Consultant

Timken Engineering & Research India Pvt. Ltd.

 

T +91-41362000

39-42, Electronic City Phase1

Bangalore, Karnataka-560201

 

   Stronger. By Design.

 

Carlos IL

unread,
Mar 25, 2022, 1:02:24 PM3/25/22
to Thapa, Padam, securi...@chromium.org
Hi Padam, can you open the dev tools console (ctrl+shift+i, then click the Console tab), and load the page, anch check if there are any errors there related to mixed content? Thanks.

-Carlos

Carlos IL

unread,
Mar 25, 2022, 2:10:29 PM3/25/22
to Thapa, Padam, securi...@chromium.org
Hi Padam, this warning, in combination with the "Not Secure" chip in the url bar, means the content is indeed being loaded. The error when mixed content frames are blocked looks like this:
mixedblocked.png
I'd suggest checking if this website is affected by any other changes that happened in Chrome 84, rather than mixed content.

-Carlos

On Fri, Mar 25, 2022 at 10:39 AM Thapa, Padam <padam...@timken.com> wrote:

Hi Carlos,

 

In developer tool we are getting below error.

 

Thapa, Padam

unread,
Mar 25, 2022, 2:39:21 PM3/25/22
to Carlos IL, securi...@chromium.org

Hi Carlos,

 

In developer tool we are getting below error.

 

 

 

Regards,

Reply all
Reply to author
Forward
0 new messages