stackoom
  简体   繁体   中英

Loading external JavaScript files over HTTP on website that uses SSL

 原文  2014-09-23 07:37:54       javascript/ ssl

Question

What are potential drawbacks of loading an external widget over HTTP when my website is accessible over HTTPS ? 

<!-- https://www.example.com -->
<script src="http://www.external-source.com/widget.js"></script>

Are any warnings going to be displayed to the user? Any way to suppress them? Will this script be loaded in all times?

EDIT:

What happens when we load an external JS over HTTPS, but with non-commercial certificate? Will the warnings be shown?

1 answers

solution1
 1 ACCPTED  2014-09-23 08:00:12

Loading a script with plain (insecure) http inside a secure (https) site completely defeats the security of the site. Therefore most modern browsers will simply refuse to load the script without any warnings and without giving the user a way to enforce the loading.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Including external javascript that uses jquery in the website? Tips on loading external css and javascript over https External Javascript files not loading when published to IIS Does WKWebView support loading of external javascript files? Order of loading external CSS and JavaScript files Issue loading external files (CSS and JavaScript) in Safari Javascript is not loading when I load the content of external website Dynamically loading external javascript resources in Splash HTTP rendering service SSL websites with http external links Get external JSON files from javascript - local website
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM