Skip to content
  • There are no suggestions because the search field is empty.

How to Avoid Security Warnings on Secure Pages

Security Warnings on Secure Pages


If a page is loaded on the HTTPS protocol (e.g. https://www.YourStore.com/shop/pc/OnePageCheckout.asp), but one or more elements included in the page are being loaded using the HTTP protocol (e.g. <script type="text/javascript" src=" http://www.google-analytics.com/urchin.js "></script>), then a security warning message like the one below might be shown.


Note that not all browsers show these alerts with the same degree of visibility (could be just an icon in the status bar). These can very negatively impact your drop-off rate (customers become uncomfortable with your store's security and leave the store).
 

Linking vs. Loading Content

Security warnings are not caused by “links” to pages or other content, but rather by the way files are loaded onto the page itself. The type of files that are loaded onto a Web page (and that typically cause this problem) include:
  • Images
  • Cascading Style Sheets (.css files)
  • Java Script Files (.js files)
 

How to Fix the Problem

To fix the problem you simply need to eliminate any code that loads elements onto the page via the HTTP protocol, and replace it with code that loads the same content either locally or via HTTPS.

Follow these steps:
  1. Download pc/header.asp and pc/footer.asp
  2. Open both files with an HTML editor
  3. Make sure that all files (see examples above) are loaded with either relative links (e.g. src=”../../images/myImage.gif”), relative absolutes (”/images/myImage.gif”) or absolute links that use the HTTPS protocol (e.g. src=“https//www.mystore.com/images/myimage.gif”). This includes any third-party script (including tracking code from Google, Yahoo!, etc.)

When using third-party scripts, make sure that you are using the HTTPS version of those scripts. Vendors sometimes make both the HTTP and HTTPS version available. Choose the HTTPS one.


Please note: The contents of this article apply only to licensed versions of the ProductCart software. They do not apply to stores running as a hosted application under a ProductCart Live agreement.