Announcement:Materials and articles for ProductCart 5 can be found at our brand new support center.

Create an account to edit articles | See Formatting Syntax for Wiki syntax | We look forward to your contribution!

How to avoid security warnings on secure pages

Why it happens

If a page is loaded on the HTTPS protocol (e.g. https://www.YourStore.com/shop/pc/OnePageCheckout.asp), but one or more elements included in the page are being loaded using the HTTP protocol (e.g. <script type="text/javascript" src=" http://www.google-analytics.com/urchin.js "></script>), then a security warning message like the one below might be shown.

Example of a security warning message

Note that not all browsers show these alerts with the same degree of visibility (could be just an icon in the status bar). In Internet Explorer 8, for instance, they are very visible (see screen shot above) and can very negatively impact your drop-off rate (customers become uncomfortable with your store's security and leave the store).

Linking vs. loading content

Security warnings are not caused by “links” to pages or other content, but rather by the way files are loaded onto the page itself. The type of files that are loaded onto a Web page (and that typically cause this problem) include:

How to fix the problem

To fix the problem you simply need to eliminate any code that loads elements onto the page via the HTTP protocol, and replace it with code that loads the same content either locally or via HTTPS.

Do the following:

  • Download pc/header.asp and pc/footer.asp
  • Open both files with an HTML editor
  • Make sure that all files (see examples above) are loaded with either relative links (e.g. src=”../../images/myImage.gif”), relative absolutes (”/images/myImage.gif”) or absolute links that use the HTTPS protocol (e.g. src=“https://www.mystore.com/images/myImage.gif”). This includes any third-party script (including tracking code from Google, Yahoo!, etc.).

When using third-party scripts, make sure that you are using the HTTPS version of those scripts. Vendors sometimes make both the HTTP and HTTPS version available. Choose the HTTPS one.


QR Code
QR Code How to avoid security warnings on secure pages (generated for current page)