Categories: Account Access and Safety :

Why is Google breaking HTTPS??? (yellow triangle warning)

Showing 1-54 of 54 messages
Why is Google breaking HTTPS??? (yellow triangle warning) BOBAH 5/21/09 6:20 AM
I load Gmail via HTTPS (https://mail.google.com/mail/) but it is not 100% secure, because there is always a warning in the address bar (at least in Chrome) saying "The page contains some insecure elements." Clicking on the triangle gives "Your connection to mail.google.com is not encrypted." Same thing happens when I load Docs (https://docs.google.com/). My questions is: WTF? Is it secure or NOT?!?

2009-05-21
The "insecure" warning is consistent on my personal laptop (Chrome v2.0.172.27) but it doesn't happen at work (Chrome v1.0.154.65) -- Could this be a problem with Chrome 2.x?

2009-05-21
Also OK are IE7 (7.0.6001.18000) and IE8 (8.0.7100.0)
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Joshua 5/21/09 6:43 AM
I don't see this on my chrome. It may depend on what labs features or themes you are using.

Generally the problem comes from the fact that the page itself is secure, but it references/includes some elements over insecure connections. Depending on exactly what kinds of elements are insecure, this could be a serious security problem or it could be unimportant.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) BOBAH 5/21/09 7:27 AM
Alright, there is some strangeness: while I was opening/reloading tabs in Chrome, I was getting the "insecure" warning. After I closed Chrome completely, and started it again -- the warning is gone. Since Chrome didn't say what the exact problem was (very vague descriptions) - it's really hard to troubleshoot.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) mojo 6/8/09 9:04 PM
same problem in chrome. chrome blows.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) ebouchut 9/28/09 10:40 AM
Joshua, switching back to Gmail standard theme fixed the problem for me.
Thanks.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) kurage 10/6/09 12:35 PM
It happens on my chrome when I click "always show images from this sender", so I have been busy reversing the permission on all emails I receive. Then close all chrome tabs and re-open chrome, which solves the problem.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) flubio123 10/15/09 10:13 AM
I can verify that this also happens in the Developer Channel build. My details below:

*****************************************************
Explain your issue in full detail here:
When accessing Gmail with labs or with labs disabled I have the orange exclamation mark in the URL window. 
Upon clicking the orange exclamation mark it says that the identity has been verified but that the connection is not secure. 
Operating system (e.g. WinXP): WinXP SP3
Program and version you use to access Gmail (e.g. Internet Explorer 7 or Outlook 2003):  Chrome 4.0.221.6
Your antivirus software (e.g. Norton 2007): nothing, just Windows Firewall and router firewall
Any extensions, toolbars or plug-ins: nkGestures
*****************************************************
Re: Why is Google breaking HTTPS??? (yellow triangle warning) spirosag 10/24/09 1:16 AM
I'm having this problem too in the developer channel build
Re: Why is Google breaking HTTPS??? (yellow triangle warning) GirishE 11/4/09 6:40 AM
I too get this warning, but it happens only when I open gmail from iGoogle. 
Re: Why is Google breaking HTTPS??? (yellow triangle warning) gafai 11/9/09 8:34 AM
i have same problem with https://mail.google.com/mail/ connection is not encrypted (not secure) in Chrome 4
Re: Why is Google breaking HTTPS??? (yellow triangle warning) mystica 11/11/09 7:39 PM
I don't see the "connection is insecure" however I see PLENTY of port 80 connections, versus very few port 443 connections when I run an lsof on my OSX laptop:

firefox-b  318           mike    6u  IPv4 0x583066c      0t0    TCP Ratatosk.sakurachan.lan:61174->iw-in-f19.1e100.net:443 (ESTABLISHED)
firefox-b  318           mike   38u  IPv4 0x6e73a68      0t0    TCP Ratatosk.sakurachan.lan:61142->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   46u  IPv4 0x6e9d270      0t0    TCP Ratatosk.sakurachan.lan:61188->iy-in-f19.1e100.net:443 (ESTABLISHED)
firefox-b  318           mike   47u  IPv4 0x6e7566c      0t0    TCP Ratatosk.sakurachan.lan:61143->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   48u  IPv4 0x6e9d66c      0t0    TCP Ratatosk.sakurachan.lan:61145->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   49u  IPv4 0x7ee2e64      0t0    TCP Ratatosk.sakurachan.lan:61146->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   51u  IPv4 0x6e74270      0t0    TCP Ratatosk.sakurachan.lan:61147->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   52u  IPv4 0x6e72270      0t0    TCP Ratatosk.sakurachan.lan:61148->iy-in-f106.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   53u  IPv4 0x6ee566c      0t0    TCP Ratatosk.sakurachan.lan:61149->iy-in-f106.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   55u  IPv4 0x6e74a68      0t0    TCP Ratatosk.sakurachan.lan:61150->iy-in-f106.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   56u  IPv4 0x7ee266c      0t0    TCP Ratatosk.sakurachan.lan:61178->iy-in-f105.1e100.net:443 (ESTABLISHED)
firefox-b  318           mike   61u  IPv4 0x6967a68      0t0    TCP Ratatosk.sakurachan.lan:61151->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   63u  IPv4 0x6e7266c      0t0    TCP Ratatosk.sakurachan.lan:61152->iy-in-f106.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   72u  IPv4 0x6e7466c      0t0    TCP Ratatosk.sakurachan.lan:61153->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   73u  IPv4 0x7eed270      0t0    TCP Ratatosk.sakurachan.lan:61154->iy-in-f106.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   75u  IPv4 0x7eeda68      0t0    TCP Ratatosk.sakurachan.lan:61155->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   76u  IPv4 0x6e75270      0t0    TCP Ratatosk.sakurachan.lan:61179->iy-in-f105.1e100.net:443 (ESTABLISHED)
firefox-b  318           mike   84u  IPv4 0x8239a68      0t0    TCP Ratatosk.sakurachan.lan:61180->iy-in-f105.1e100.net:443 (ESTABLISHED)
firefox-b  318           mike   85u  IPv4 0x6e73270      0t0    TCP Ratatosk.sakurachan.lan:61189->iy-in-f19.1e100.net:443 (ESTABLISHED)
firefox-b  318           mike   88u  IPv4 0x7eede64      0t0    TCP Ratatosk.sakurachan.lan:61161->iy-in-f115.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   90u  IPv4 0x7ee2a68      0t0    TCP Ratatosk.sakurachan.lan:61190->iy-in-f19.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   91u  IPv4 0x7eed66c      0t0    TCP Ratatosk.sakurachan.lan:61191->iy-in-f19.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   93u  IPv4 0x6e72a68      0t0    TCP Ratatosk.sakurachan.lan:61192->iw-in-f112.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   94u  IPv4 0x6ee5270      0t0    TCP Ratatosk.sakurachan.lan:61193->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   95u  IPv4 0x823966c      0t0    TCP Ratatosk.sakurachan.lan:61194->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   96u  IPv4 0x6e75e64      0t0    TCP Ratatosk.sakurachan.lan:61195->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   97u  IPv4 0x7ee2270      0t0    TCP Ratatosk.sakurachan.lan:61196->iy-in-f105.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   98u  IPv4 0x6ee6e64      0t0    TCP Ratatosk.sakurachan.lan:61197->iy-in-f139.1e100.net:80 (ESTABLISHED)
firefox-b  318           mike   99u  IPv4 0x6e92a68      0t0    TCP Ratatosk.sakurachan.lan:61198->iw-in-f112.1e100.net:443 (ESTABLISHED)

I just re-ran the lsof command, with some 'wc' options.. first command sees how many port 80 (http) connections are there, vs how many secure port 443 (https) connections:

Ratatosk:~ mike$ sudo lsof -i -P |grep 1e100 |grep 80 |wc -l
      18
Ratatosk:~ mike$ sudo lsof -i -P |grep 1e100 |grep 443 |wc -l
       2

Why are they not all https?
What is being sent 'in the clear'?

Google, please explain!
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Jimbo Styx 12/8/09 9:37 PM
I am having this issue too.  I am running with all labs features disabled and no external content displayed.  This doesn't occur in basic HTML mode.  It happens just after I sign in.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) dick.dunbar 1/15/10 1:02 AM
Started adding extensions to chrome and Lab features to gmail under Chrome 4.0.249.64 (35722) stable

Noticed the Yellow Triangle, and tried to figure out what was wrong.
Without disabling all the Lab features, I decided to try it on my other browsers:

FireFox 3.5.5  ... Can't even sign in to Gmail.  A redirect happens, and I'm left at this URL:

 (Can't spot anything secret in that URL ... )

Clicked on "can't access my account".   (nice dialog ... very thoughtful)
(*) Loading issues?
  * Returned to login page without an error
  * security/firewall problems?
  * McAfee
  * None of these installed (Better gmail, firebug, funwebproducts,my web search toolbar)
  * Firefox browser  (shouldn't the dialog be able to figure that out?)
   -- close all browser windows, clear private data (cookies, cache)
   -- visit the secure site (That's what I'm having problems with)
---- Nope, same issue ... just flashed back to login screen. 
On my own now, try
  http://gmail.com .... redirects me to https://www.google.com

Login at the google.com/ig page.   Hmmmm, I am logged in at the ig page.
Click gmail link at the top of /ig .... same problem, can't log me in.

Without gmail access, how do I revert to no secure login?

IE8 8.0.6001.18702   (Why won't Microsoft let me copy that data from Help/About?
 - gmail link works fine.  google.com/ig page showed I was logged in.

Safari  4.0 (530.17)  (Apple won't let me copy version info either)
--- also works fine.

Just Chrome and Firefox are having problems;  Firefox more severe than Chrome.


Re: Why is Google breaking HTTPS??? (yellow triangle warning) dick.dunbar 1/15/10 1:55 AM
FireFox 3.5.5  issue resolved.

In Chrome, I determined (*) don't always use https <sic> was set.
Changed to always use https, and now Firefox gmail comes up fine.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) silentmagic 1/21/10 10:34 AM
I have the very same yellow Triangle warning about insecure content on the page, and in the light of the news in terms of breaches of security and people hacking into gmail accounts I am really concerned about it.  I often use my laptop on the move and this is of great concern.  What does this message definitely mean?  Is this still secure or Not.  My mind sees anything other and the good old Padlock and I start to panic.  Someone make this go away??????

The only thing I think I have changed lately was having my themes change randomly, which I have since stopped as I suspect this was the problem. Turns out it wasn't.  HELP!!!
Re: Why is Google breaking HTTPS??? (yellow triangle warning) fedup1 1/29/10 10:55 AM
I have the same problem with Chrome. It started about the same time as the forced introduction of https by Google but I see that others have had the same problem long before. I changed the browsing mode back to http in my settings but it has made no difference. Given that no one at Google seems to even acknowledge the problem I shall dump Chrome and use good old IE6 where I still get the padlock.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Joshua 1/29/10 11:03 AM
Oh my god. Changing to IE6 for security reasons is like going to an all-you-can-eat desert buffet so that you can lose weight.

Remember folks: The broken padlock indicates that the connection is not as sucre as full https is supposed to be. But it is still more secure than accessing gmail via regular http (which fedup1 seems willing to do and which is the standard way of accessing most webmail).

fedup1: If you are still getting a broken lock icon with https turned off in gmail's settings, then you should logout and reaccess gmail through an http (non-secure) link like
Even with https off in settings, gmail will still use https if you access it over a secure link.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) shyatt60 1/29/10 11:35 AM
Same thing is happening to me.  Getting the yellow triangle saying that certain items on this page are not secure (not the exact message).  This seems to have starting happening recently.  Any help appreciated.
 
Re: Why is Google breaking HTTPS??? (yellow triangle warning) shyatt60 1/29/10 11:39 AM
By the way, only seems to be happening with Chrome.  Didn't do the same thing with Firefox.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Joshua 1/29/10 11:42 AM
You are getting this now because gmail recently INCREASED the default security. The yellow triangle is telling you that the new security is not as perfectly secure as it should be, but it is still MORE secure than what you had a few weeks ago.

In other words, while I agree it shouldn't be there, it is nothing to get too upset about.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) shyatt60 1/29/10 12:46 PM
Thanks for the feedback....much appreciated
Re: Why is Google breaking HTTPS??? (yellow triangle warning) fedup1 1/29/10 2:39 PM
Thanks for the reply Joshua. With respect, however, your reassurances sound more like two lame excuses. If the new security is not as secure as Google declared it to be with such a fanfare a few weeks ago, then it is right that the triangle should be there and we should all be on our guard!  By the way, I am accessing Gmail through an http link and the yellow triangle (not a broken lock) is still there. 

And if this is why the triangle is popping up, then why was it popping up 7 months ago as testified by BOBAH (top of this page) to which you also replied at the time?

As for IE6 not being secure (it was actually a typo, I'm using IE8) I have used Internet Explorer in all its reincarnations for 15 years and never had a problem with it, so I shall carry on helping myself to desert from that buffet - I don't have a weight problem.  


Re: Why is Google breaking HTTPS??? (yellow triangle warning) BOBAH 1/29/10 5:56 PM
I don't know what the "Top Contributor" qualifier exaclty means in these forums, but I doubt that Joshua speaks on Google's behalf. Especially after hearing words such as "not as sucre as full https is supposed to be" -- which doesn't make me feel any better about the yellow triange with a message "Your connection to mail.google.com is not encrypted" -- who should I believe, Joshua or Chrome??

I've upgraded now to latest version 4.0.249.78 - and now I get a yellow triange in Gmail and Docs as soon as a page loads -- and I always access them via HTTPS.

Google may be competent in Internet search - but that doesn't translate into everything. In many ways, they just suck.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) michaeldean 2/1/10 10:22 PM
am getting yellow triangle which when clicked show that there are 'insecure elements'
Surely this is a 100% gmail page?
any ideas
thanks

Re: Why is Google breaking HTTPS??? (yellow triangle warning) JasonC 2/2/10 9:48 AM
I am also getting the yellow triangle accessing my gmail from a hotel I am currently at. For all I know someone is accessing my account now, how can I tell? seeing the yellow triangle doesn't inspire confidence!
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 2/4/10 2:33 PM
This might be a tolerable situation if we had some way of seeing WHICH parts of the page are insecure.  Can you show us that?
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Joshua 2/4/10 5:17 PM
In my case, if I completely close chrome and then restart it I can get a connection with the proper lock icon. If I ever access any message with an embedded image that is served over http (non-secure), then I lose the lock icon and I can't get it back, even by refreshing gmail or logging out and logging in again.

If you see something similar, then this is mostly expected behavior. If you access messages with insecure content, then your session IS partially insecure. But the https still protects you almost as well as normal. The only thing that could be modified by an attacker would be the insecure images.

If that is not what you are seeing, try running chrome with all your labs disabled and with all your chrome extensions turned off and see if that helps. Remember to completely close chrome to test each time.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 2/4/10 9:59 PM
Josh, While you may be technically correct, the warning icon, as implemented, is not useful for the average end user. 

When the insecure content warning is showing, all we know is that there is some kind of problem with the security.  How am I, and average user, supposed to know the severity of the problem on the particular web page which I am viewing at any given time?  As far as I know, the security could be almost completely broken.  Or not.  Which is it?

The problem is that the warning is vague, and I, as an average end user, do not have enough information on which to modify my web browsing behavior.  I see the warning, and I have an extremely uneasy feeling that something is wrong, while I go on browsing with a knot in my stomach.

Tell me: in any given situation in which that warning appears, how am I supposed to react?  On what information would this be based?

If the warning is meaningless, then it should not appear at all.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Joshua 2/5/10 4:58 AM
I agree it's not a great situation. But email is just a dangerous medium in general: by it's nature it brings in content from all over the place, some of which is not going to be secure.

At the end of the day, you are absolutely correct to be skeptical whenever you see the warning icon. But if you trust the site you are visiting, and you have an explanation for why some insecure content is being delivered, then you need to live with it.

If I got the same thing when visiting my bank website, I would react differently for two reasons: 1) The data in there is more important than my email and therefore needs to be more carefully protected; and 2) There is no reason for the bank website to be bringing in insecure data while it is a necessity in gmail.

Ideally chrome should be much more explicit about exactly what insecure content is being delivered. This would allow us to make a better judgement.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 2/5/10 6:22 AM
Thanks, Joshua.  You're the best.  :-)

To Google:  When Chromium displays the "insecure content" icon, it should 1) visually flag the content in question and B) provide an "inspect element" ability so that the techies can see HTML code in question. 
Re: Why is Google breaking HTTPS??? (yellow triangle warning) ebouchut 2/5/10 6:32 AM
I finally found out a way to restore the lock icon and get rid of the "connection partially encrypted" warning message when accessing Gmail using HTTPS.
Here are the steps required for this to work (at least in my case):
  1- Disable Offline Gmail

  2- Uninstall the "Google Gears" Firefox add-on, restart Firefox

  3- Because I allowed Gmail to "Always display images from several senders" (mailing lists sending emails with embedded images retrieved using HTTP),
    I did not found out an appropriate query to search for all those senders. So the below search is a stub and you will need open each email in the search result to stop Gmail from "always displaying images from this sender" if needed:
      "has:attachment (filename:jpg OR filename:png OR filename:gif)"
    open an email sent by each one of those senders (with an embedded image),
    click "show Details", then next to "Images from this sender are always displayed." click "Don't display from now on".

  4- Reload the page


This workaround
partially satisfies ;-) me, up until the next time I will badly need to read my emails while offline ;-).
Now that I
understand what is happening behind he curtain, (ie. what is the reason of the warning message), I feel more enclined to reuse Google Gears in a near future.
That will probably be the day after the one I rush to the App Status DashBoard page ( http://google.com/appsstatus ) :-).


Hope this helps.
Regards.
Eric.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) silentmagic 2/14/10 10:26 AM
So now I am confused and even more concerned... I happen to of logged onto GMAIL using IE7 and I didn't notice the Padlock on the address bar!  Am I going Mad or did there used to be one.  Now that I am a convert to all things Google including mail, Chat and the rest... have a made a mistake?  Is this safe to use publically or not. I am not sure that anyone has really answered that. 
 
WHY IS THERE NOBODY FROM GOOGLE TO ADVISE ON THIS ONCE AND FOR ALL
 
Joshua has offered some helpful advice but again... with all due respect to your knowledge you are but one person talking any sence or atleast sounding like sense.
 
HELP!!!
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 2/14/10 10:33 AM
You are correct, Silentmagic.  Nobody at Google has indicated that they understand the issue, let alone plan to do anything about it.  But then, as with the "Buzz" roll-out, sometimes they just go off half-cocked without any warning whatsoever.  This is just the way Google is.  Like it or lump it.  :-( 
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Karl52101 2/19/10 10:13 AM
For me the problem exists in all browsers(opera 10.,Firefox,Chrome,IE). Can't access my contacts unless in standard view. However in that view Contacts management is not as powerful an application (fewer editing and data options). I've uninstalled the only extension I had in Chrome(google map add-on), I've changed to  classic theme. Only insecure element seems toi be a Google element, so why isn't it working? Contacts work better in one gmail account than another. hadn't notice the issue until today, but had no problems before Buzz(which I disabled and removed profile) Wassup GOOGLE?
Re: Why is Google breaking HTTPS??? (yellow triangle warning) ericvan76 2/22/10 9:30 PM
For Chrome:
Go to "Options"-->"Under the Hood"-->"Change Gears Settings", remove any "mail.google.com" sites, then re-login Gmail, then the warning will disappear.

NOTE: If you enabled "Offline" feature, all offline messages will be re-synced.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) JasonC 2/23/10 12:49 AM
@ericvan76 this did not work for me. Do I have to remove all of the sites that are using gears?
Re: Why is Google breaking HTTPS??? (yellow triangle warning) BOBAH 2/23/10 6:39 AM
@ericvan76, thanks for trying. But no. I'm not going to remove "any mail.google.com sites" and I'm not going to format my drive C:.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) OmaElke 3/1/10 2:39 PM
Thanks, ericvan76(2/23/10), and everyone else, for your input.
I am getting the insecure contents warning only when I access gmail via GoogleChrome, not when using Firefox or IE8.  I have made a note of the suggested steps, and may take them soon.  Alternatively, I will revert to Firefox or IE8 as my browsers, until GoogleChrome comes up with a fix.
Thank you very much.
 
Re: Why is Google breaking HTTPS??? (yellow triangle warning) groovyjoker 3/11/10 5:26 AM
Don't know if this will help, but I am seeing a yellow triangle in Chrome when I go to my Gmail. Another thread discusses this issue with references to some fixes from a Google employee you can try downloading - they are looking for feedback, too.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) rubensonofrio 3/24/10 10:02 AM
This is somewhat annoying because it makes me insecure of using Gmail which I've learn to like a lot. But now I'm really concerned about this triangle with an exclamation mark saying that the page contains insecure stuff and it's exposing me to attackers. I hate to go back to my old email, but I'm not gonna risk myself until Google fix it.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Joshua 3/24/10 10:30 AM
@rubensonofrio: I'll repeat what I said above. Gmail is MORE secure than it was before January and MORE secure than hotmail/yahoo/etc because it uses HTTPS. The warning is telling you that HTTPS is not as totally secure as it is supposed to be, but it is still more secure than these other providers that don't use it at all.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Aunie 5/19/10 12:34 PM
I also get in 'triangle' insecure data, but only when I am using docs.... what the heck is going on and how do I fix this???
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 5/19/10 4:09 PM
This is my cost-free opinion, for what it's worth.  There has been no responsible acknowledgement of this issue from Google.  That is, while Google may have, in passing, recognized the problem, nobody has taken responsibility.  

 
If I think about it, I realize that there are numerous far-flung systems and organizations that provide input (directly and indirectly) to any given web page.  How can anybody say with assurance whether a web page is secure or not?  It's presumptuous and preposterous.  

 
I've concluded that the warning triangle is actually the more accurate information, and that it applies to
all
all web pages.  Forget about looking for the lock.  It's a lie anyway.  


Re: Why is Google breaking HTTPS??? (yellow triangle warning) mebmalinkin 6/17/10 5:48 PM
I have had some very bizarre things happening with gmail in the last 
few weeks and have read through this thread looking for a solution...Seems like the consensus is to just ignore the warning about insecure content, but just in case someone has more insight on this, I'll relate my situation:

About two weeks ago I was suddenly unable to 
access my gmail account at all on my laptop.  I would get a message (on both 
IE and Mozilla) that the website was an untrusted site and posing to be 
something it's not etc.  This happened after I had 
installed various spyware/malware programs (in addition to what I already had) in an attempt to get rid of 
a virus that I got ( "Antispyware soft"). When I 
couldn't get rid of the virus, I eventually gave in and reformatted and everything so far seems 
virus free BUT now I am getting these frustrating security warnings about "some insecure content" 
on gmail.  Argh!

MANY THANKS FOR ANY SUGGESTIONS! 

Re: Why is Google breaking HTTPS??? (yellow triangle warning) JasonC 9/3/10 12:49 AM
This problem seems to have been fixed for me today. I logged out and then logged back in again hoping that my Priority Inbox feature had been enabled, it was and once I had logged in I now get a Green padlock :)
Re: Why is Google breaking HTTPS??? (yellow triangle warning) Greg Pfister 9/14/10 3:39 PM
I had this problem with Gmail in Chrome since... well, forever. I agree with the many posters that there really ought to be some way to flag the parts of a page that aren't secure.

Since going to Chrome 6, however, it's gone away for Gmail. Just a nice, friendly, green lock is shown.

At least it's shown for a while. After some period of time -- not sure how long, may have suspended & resumed -- it goes away, replaced by a pale white lock with a dastardly red "X" plastered on one corner.

Which, I just found out, goes back to a nice green lock when I do a full refresh of the page -- ctrl-shift-R.

Exactly what's going on, I've no idea, but C-S-R seems to fix it for me. (on Win Vista)
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 9/14/10 6:17 PM
I think they fixed "the yellow triangle" problem by getting rid of the yellow triangle.  :-/   

Now, sometimes I get the nice green lock, and other times I get the red skull and cross-bones.  I have no clue whatsoever about why it is one or the other, other than pure random chance (which is actually pretty hard to do on a computer, so kudos for that). 

I say Google should just stop the pretense.  Do yourselves a favor and remove the confusing and useless "information." When you learn how to fully cock the gun, there'll be less chance of shooting yourself in the face next time.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) parkper 10/3/10 7:22 AM
From what I've taken from this, through a little experimenting, is that if you "display images from *so-and-so" or allow another website access to your gmail, then that little triangle pops up. When you load a new tab up with gmail and go to regular emails or emails where you didn't allow access, then there is no triangle. I'm assuming that yellow triangle is just there to tell you that SOMEONE has access to your gmail account. The problem I have with this, is that if that yellow triangle shows up, you don't know WHO or HOW MANY people have access. It's like a missing semi-colon in a BILLION line code. You know something is wrong, you don't know how many errors or where.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) veiokej 10/4/10 5:23 AM
I was having this red-slash-through-HTTPS problem with GMail, so I took some of your tips and tried to fix it.

Nothing worked in the way you'd expect based on other user experiences. I started out with all plugins enabled on a freshly-reloaded empty Inbox box with no third-party content visible, to my knowledge. I then opened an incognito window, and the HTTPS went green. I then disabled a few plugins and restarted the browser. The HTTPS went green (not in incognito). I then reenabled all of them, and restarted the browser. The HTTPS stayed green. Go figure.

Maybe when I closed the browser I killed some insecure cookie (as I have cookies set for autodestruct upon browser termination). This would be consistent with incognito being green, as it's ignorant of regular-mode cookies. I can't think of anything else that would explain this inconsistency, save for a bug, or some huge latency, in the way that the HTTPS icon is displayed.

Now I'm trying to get the red HTTPS icon to come back, but I can't, save for enabling images in emails. But I know that wasn't the original cause of the breakage, as I never do that.

If I can get the icon back, I'll start killing cookies and reloading the page, one by one until it goes green, then let you know what I found...

Re: Why is Google breaking HTTPS??? (yellow triangle warning) veiokej 10/7/10 1:49 AM
The red-slash-through-HTTPS icon came back. I fixed it by restarting the browser (and thus clearing cookies). Really sounds like an insecure cookie. Will drill down more next time.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) LycheeJelly 12/10/10 4:52 PM
well one time, my lock was green, but then I copied and pasted a picture from online, and then it turned yellow. Then i refreshed the page, and it was green again, but when i opened the draft w/th picture from the internet, it turned yellow again, so i think it was the picture because it was unknown or something to google
Re: Why is Google breaking HTTPS??? (yellow triangle warning) DanVondra 12/10/10 5:02 PM
Yes, it's fun guessing what that little thing means, isn't it?  To me, it means nothing.  I've even taken to blocking it out of my vision, like one does with ads.

"Since I gave up hope, I feel much better."
Re: Why is Google breaking HTTPS??? (yellow triangle warning) BOBAH 1/12/11 8:28 AM
This thing with gmail is 100% annoying. This morning, I consistently get "however this page contains other resources which are not secure" when viewing just the message list. Fcuking amatures.
Re: Why is Google breaking HTTPS??? (yellow triangle warning) samjg1 1/12/11 9:48 AM
has anyone received a reply from Google itself about the slash through https?
You'd think they could have an explanation. I just started seeing this this morning on any https:// connecdtion. 
maybe I should just use IE for the secure connections. I don't get it there.
More topics »