Hi everyone, I am wondering if anyone could possibly explain the security issues with the iframe. If we are connecting to a website that is running on https protocol through an iframe, will the communication still be safe because on the website that contains the iframe, url does not change to https. and what are the other methods of incorporating external website into another, such as server side includes, using cURL in php etc? Thank you so much in advance. Cheers
I imagine the main security issue is that user wants to feel secure that they are on the https: domain and see that domain with a padlock in the status bar of their browser. If the https page is embedded in your page, it takes the feeling of being secure away. Sorry I don't know the answer on the technical issues but would question whether is the best solution. Maybe a seperate popup window with the secure page would be better?