Google Chrome incorrectly reporting “mixed content” on SSL-encrypted pages
Chrome will show a green icon the left of a URL that is SSL-encrypted and does not use “mixed content”. In other words, a page that displays only secure content over an HTTPS connection. That’s great, and increases user trust. However, if the site contains 20 pages and one of them contains an external non-HTTPS JavaScript file, Chrome will display a red “skull and bones” icon to the left of the URL bar, and that icon will remain displayed next to that site’s URLs for that visitor until they close Chrome.
For example, Skype offers a status button to display a user’s Skype status. That relies on a JavaScript file that resides on Skype’s servers and is only available over an HTTP connection. So, to use this on an all-SSL site, you’d probably need to put it inside an iframe.
I suppose Chrome’s developers might think that if one page on a site contains such content, they’d better keep warning the user about other pages on that site too, even though the other pages do not contain mixed content. I would prefer tit actually be accurate.
Enjoy this article?
Blogroll
- A List Apart – my profile
- Award-winning web design
- Design for Adoption
- my LinkedIn profile
- Twitter profile
Get E-mail Alerts
- new site: Interferometrics, Inc. http://t.co/FNJa8P8t
- new site: Virginia Martial Arts Academy http://t.co/jiSTMqZE
- Create and Update Content Without Programming Knowledge http://t.co/IFfTyiJd
- Google Checkout is now Google Wallet http://t.co/K8OVEmed