How to Avoid Security Warnings on Secure Pages

Last Updated: Nov 02, 2018 03:36PM EDT

Security Warnings on Secure Pages


If a page is loaded on the HTTPS protocol (e.g. https://www.YourStore.com/shop/pc/OnePageCheckout.asp), but one or more elements included in the page are being loaded using the HTTP protocol (e.g. <script type="text/javascript" src=" http://www.google-analytics.com/urchin.js "></script>), then a security warning message like the one below might be shown.



Note that not all browsers show these alerts with the same degree of visibility (could be just an icon in the status bar). These can very negatively impact your drop-off rate (customers become uncomfortable with your store's security and leave the store).
 

Linking vs. Loading Content

Security warnings are not caused by “links” to pages or other content, but rather by the way files are loaded onto the page itself. The type of files that are loaded onto a Web page (and that typically cause this problem) include:
  • Images
  • Cascading Style Sheets (.css files)
  • Java Script Files (.js files)
 

How to Fix the Problem

To fix the problem you simply need to eliminate any code that loads elements onto the page via the HTTP protocol, and replace it with code that loads the same content either locally or via HTTPS.

Follow these steps:
  1. Download pc/header.asp and pc/footer.asp
  2. Open both files with an HTML editor
  3. Make sure that all files (see examples above) are loaded with either relative links (e.g. src=”../../images/myImage.gif”), relative absolutes (”/images/myImage.gif”) or absolute links that use the HTTPS protocol (e.g. src=“https//www.mystore.com/images/myimage.gif”). This includes any third-party script (including tracking code from Google, Yahoo!, etc.)

When using third-party scripts, make sure that you are using the HTTPS version of those scripts. Vendors sometimes make both the HTTP and HTTPS version available. Choose the HTTPS one.

Menu

  • Support Forums
  • Video Tutorials
  • Support Request
  • Support Policy
647e99095133bd6d1ae916f97dc7f92f@productcart.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete