allow http iframe on a https page with apache HTACCESS

Question

I have a problem with the HTACCESS

I have a web page with an SSL certificate, for example https:// www. example.com

Then i have to inject an iframe from other company on my web. The iframe is not https, its just http and the other company is not about to change this.

So i have to allow on my htaccess this iframe.

I put this iframe on a page that cannot be http

for example, if my entire web is https:// www. example.com i want to turn https:// www. example.com/en/potato to http:// www. example.com/en/potato so i will can inject the http iframe.

I've tried to do

RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST}  !^/en/potato$ [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine on

RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} ^/en/potato$ [NC]
RewriteRule ^(.*)$ http://xxx.example.com/en/potato [R=301,L]

Any sugestion?

Also the web is made on php

Thanks!

Answer 1

You can't allow an http iframe in an https webpage. If you include an https webpage that redirect to http, it will be blocked too.

What you can do it try to proxy the content of the iframe through an https server, or ask nicely the owner of the http webpage to add https to his website.