Toolbar communication causes Security Warnings in IE - 88 views

• 
  #1 Rob McPherson on 09 Aug 10

   

  No so much a bug, rather undesirable behaviour, but when viewing an SSL-encrypted page (https), requests from the toolbar trigger Internet Explorer's Security Warning dialog, namely:
  
  Security Warning
  Do you want to view only the webpage content that was delivered securely?
  This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage.
  
  Having received the above message on a page which I knew to be 100% SSL served, I performed a checked of the request headers being sent, and discovered that the toolbar was sending 3 separate POST requests to a URL similar to the following:
  
  http://toolbar3.diigo.com/chappai/pv=13/ct=tb/cv=5.1.7/user=diigo_username/cmd=bm_loadBookmark
  
  Are there any plans to use SSL for toolbar communications and/or alternative methods to quieten these (admittedly quite proper and correct) warnings?

   

  <div class="cArrow"> </div><div class="cContentInner">No so much a bug, rather undesirable behaviour, but when viewing an SSL-encrypted page (https), requests from the toolbar trigger Internet Explorer's Security Warning dialog, namely: <br /> <br /> Security Warning <br /> Do you want to view only the webpage content that was delivered securely? <br /> This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage. <br /> <br /> Having received the above message on a page which I knew to be 100% SSL served, I performed a checked of the request headers being sent, and discovered that the toolbar was sending 3 separate POST requests to a URL similar to the following: <br /> <br /> <a href="http://toolbar3.diigo.com/chappai/pv=13/ct=tb/cv=5.1.7/user=diigo_username/cmd=bm_loadBookmark" rel="nofollow" target="_blank">http://toolbar3.diigo.com/chappai/pv=13/ct=tb/cv=5.1.7/user=diigo_username/cmd=bm_loadBookmark</a> <br /> <br /> Are there any plans to use SSL for toolbar communications and/or alternative methods to quieten these (admittedly quite proper and correct) warnings?</div>

  ...

  Cancel
• 
  #2 Michael GDB on 10 Aug 10

   

  oh thank you so much for identifying this @$^@$ nuisance - so it's Diigo - this is VERY frustating / and it occurs far, far too much / well i've had zero responses on my own partial list of problems with diigo / so i guess i'll have to start yet another search for some tagging program that actually works the way one should work

   

  <div class="cArrow"> </div><div class="cContentInner">oh thank you so much for identifying this @$^@$ nuisance - so it's Diigo - this is VERY frustating / and it occurs far, far too much / well i've had zero responses on my own partial list of problems with diigo / so i guess i'll have to start yet another search for some tagging program that actually works the way one should work</div>

  ...

  Cancel
• 
  #4 Graham Perrin on 10 Aug 10

   

  See also
  http://groups.diigo.com/group/Diigo_HQ/content/1017480 (2009-10-21),
  security warning in IE8

   

  <div class="cArrow"> </div><div class="cContentInner">See also <br /> <a href="http://groups.diigo.com/group/Diigo_HQ/content/1017480" rel="nofollow" target="_blank">http://groups.diigo.com/group/Diigo_HQ/content/1017480</a> (2009-10-21), <br /> <b>security warning in IE8</b></div>

  ...

  Cancel
• 
  #5 gerhard_r on 24 Feb 11

   

  I have the same problem.
  Uninstalling diigo toolbar and then reinstalling does not help.

   

  <div class="cArrow"> </div><div class="cContentInner">I have the same problem. <br /> Uninstalling diigo toolbar and then reinstalling does not help.</div>

  ...

  Cancel

To Top