Is it possible to have a different HTTPS domain in an iFrame, in a different HTTPS domain?

Question

Is it possible to have a different HTTPS domain in an iFrame, in a different HTTPS domain?

Do browsers get security errors when "https://sub.example.com" is embedded in the iFrame inside "https://www.example.com"?

If not, are there any restrictions? Do they need to use the same SSL certificate (wildcard)?

+7

ssl https iframe

Murat Ayfer Jun 2 '11 at 10:03

source share

1 answer

bobince · Answer 1 · 2011-06-02T22:15:56+0000

No, HTTPS content from many separate sources (through images, iframes, scripts, etc.) can contain one page, preserving the "secure user interface" if all resources pass the certificate verification themselves. It does not have to be the same hostname, the same domain, the same certificate, or the same CA.

Is it possible to have a different HTTPS domain in an iFrame, in a different HTTPS domain?

More articles: