Use the Security tool to inspect the security of a page.
To open the Security tool:
To open DevTools, right-click a webpage, and then select Inspect. Or, press Ctrl+Shift+I (Windows, Linux) or Command+Option+I (macOS). DevTools opens.
In DevTools, on the Activity Bar, click the Security tab. If that tab isn't visible, click the More Tools (
) button.
The Security tool opens:
The Security tool is useful for debugging a variety of security issues. The sections below describe some common problems that you might use the Security tool for.
When the main origin of a page isn't secure, the Security Overview says This page is not secure.
This problem occurs when the URL that you visited was requested over HTTP. To make it secure you need to request it over HTTPS. For example, if you look at the URL in your address bar, it probably looks similar to http://example.com. To make it secure the URL should be https://example.com.
If you already set up HTTPS on your server, all you need to do to fix this problem is configure your server to redirect all HTTP requests to HTTPS.
If you haven't set up HTTPS on your server, Let's Encrypt provides a free and relatively easy way to start the process. Or, you might consider hosting your site on a CDN. Most major CDNs host sites on HTTPS by default now.
팁
The Use HTTPS hint in webhint can help automate the process of making sure that all HTTP requests are directed to HTTPS.
Mixed content means that the main origin of a page is secure, but the page requested resources from non-secure origins. Mixed content pages are only partially protected because the HTTP content is accessible to sniffers and vulnerable to man-in-the-middle attacks.
In Microsoft Edge, mixed content requests are automatically upgraded to HTTPS when possible. If the resource is not available over HTTPS, the request is blocked.
The Security tool provides more details about the origins which a webpage requested resources from, and the security of those origins. The sections below describe how to view more details.
To quickly inspect the certificate for the main origin, in the Security Overview, click View certificate. The Certificate Viewer opens:
To view the details of an origin, in the left navigation panel, click one of the origins. Detailed information about the origin appears:
From the details page you can view:
참고
Portions of this page are modifications based on work created and shared by Google and used according to terms described in the Creative Commons Attribution 4.0 International License. The original page is found here and is authored by Kayce Basques.
This work is licensed under a Creative Commons Attribution 4.0 International License.
학습
모듈
Protégez-vous contre les attaques malveillantes et les accès non autorisés avec Microsoft Edge
인증
Microsoft Certified: Azure Security Engineer Associate - Certifications
Démontrez les compétences nécessaires afin de mettre en œuvre des contrôles de sécurité, de maintenir la posture de sécurité d’une organisation, et d’identifier et de remédier aux vulnérabilités en matière de sécurité.
설명서
Outil de ressources pour les développeurs - Microsoft Edge Developer documentation
Outil ressources du développeur dans Microsoft Edge DevTools.
Outil de blocage des requêtes réseau - Microsoft Edge Developer documentation
Utilisez l’outil de blocage des requêtes réseau dans Microsoft Edge DevTools pour bloquer les demandes réseau sélectionnées, afin de savoir à quoi ressemblent les pages web et se comportent lorsque certaines ressources ne sont pas disponibles.
Utilisez l’outil Problèmes pour identifier et résoudre les problèmes liés à la page web actuelle.