Log in form in a lightbox

We've been trying to implement a site with a http home page, but https everywhere else. In order to do this we hit the rather big snag that our login form, in a lightbox, would need to fetch a https form using ajax, embed it in a http page and then (possibly) handle the form errors, still within the lightbox.

In the end we gave up and just mad开发者_C百科e the whole site https, but I'm sure I've seen a login-in-a-lightbox implementation on other sites, though can't find any examples now I want to.

Can anyone give any examples of sites that have achieved this functionality, or explain how/why this functionality can/can't be achieved.

The Same Origin Policy prevents this. The page is either 100% HTTPS or it's not. The Same Origin Policy sees this as a "different" site if the protocol is not the same.

A "lightbox" is not different than any other HTML - it's just laid out differently. The same rules apply.

One option would be to use an iFrame. It's messy, but if having the whole shebang in https isn't an option, it can get the job done.

you might be able to put the login form into an iframe so that users can login through https while it seems they are on a http page,

but im not sure why you would want to do this.