Security Warnings on Secure Pages
Note that not all browsers show these alerts with the same degree of visibility (could be just an icon in the status bar). These can very negatively impact your drop-off rate (customers become uncomfortable with your store's security and leave the store).
Linking vs. Loading ContentSecurity warnings are not caused by “links” to pages or other content, but rather by the way files are loaded onto the page itself. The type of files that are loaded onto a Web page (and that typically cause this problem) include:
- Cascading Style Sheets (.css files)
- Java Script Files (.js files)
How to Fix the ProblemTo fix the problem you simply need to eliminate any code that loads elements onto the page via the HTTP protocol, and replace it with code that loads the same content either locally or via HTTPS.
Follow these steps:
- Download pc/header.asp and pc/footer.asp
- Open both files with an HTML editor
- Make sure that all files (see examples above) are loaded with either relative links (e.g. src=”../../images/myImage.gif”), relative absolutes (”/images/myImage.gif”) or absolute links that use the HTTPS protocol (e.g. src=“https//www.mystore.com/images/myimage.gif”). This includes any third-party script (including tracking code from Google, Yahoo!, etc.)
When using third-party scripts, make sure that you are using the HTTPS version of those scripts. Vendors sometimes make both the HTTP and HTTPS version available. Choose the HTTPS one.