What does the Https - "not fully secure" warning signify? Does it mean that the attackers might be able to see the images?

555    Asked by AndrewJenkins in SQL Server , Asked on Dec 24, 2021

What does this warning (Https - "not fully secure") mean in laymans terms and should I sign into the website with my username and password or will it be too risky? I read in a blog while going through the internet that - While the majority of websites have already migrated to HTTPS, HTTPS sites can still be labeled as not secure. There are two main ways that this can happen: Calls to non-secure 3rd party resources like images, Javascript, and CSS. Expired, missing, or invalid SSL certificates.


Answered by Amit raj

I think it's worth pointing out that Chrome will also give you this message if there's a form tag on your page with a non-secure action and yes, the attackers might be able to see the images. Chrome just displayed this message to me:


Your connection to this site is not fully secure Attackers might be able to see the images you're looking at on this site and trick you by modifying them. This can point you in entirely the wrong direction if the problem is in fact a form with a non-secure action. So, this is good:

 and this is bad: You haven't requested any content from http://www.example.com/whatever.php yet, but if your user submits the form, it won't be secure, hence Chrome's warning.



Your Answer

Interviews

Parent Categories