1

This is the scenario: my website works through http and includes an iframe loading a swf file from another website of my own. The issue is i need the flash application to make a request to a remote host using https. Logically, i receive the security error in flash, so i thought i could secure the iframe page and then the request would be https to https.

The final scenario would be a http page with a https iframe containing a sef file majing requests to another https host. Will it work?

Federico Isasti
  • 11
  • 1
  • 2
    You should always be able to use HTTPS even within a HTTP page, just not HTTP within a HTTPS page. That said this is 2017. Why aren't you using HTTPS? – Tim Brigham Feb 09 '17 at 01:09

1 Answers1

1

1 - Yes, an https iframe inside an http webpage will work

2 - But it will not be secure: any MitM can replace the https connection by an http one. And your visitors will have no way to differentiate it.

Tom
  • 511
  • 3
  • 15
  • Thanks a lot. It's just a matter of how i make my swf file work. Sometimes my flash app needs to make requests to an external http host and sometimes a https one. – Federico Isasti Feb 09 '17 at 14:24