Support » Plugin: Pinterest RSS Widget » Insecure Elements with hard-coded HTTP assets

  • I had a client that really loves this plugin. It’s an e-commerce site so we had to force HTTPS for the whole site (which is quickly becoming best practice generally anyway). This was the only plugin that was producing insecure elements. I was able to resolve it by doing a search/replace through the main plugin file for:

    find: scr=”http:” | replace with: src=”https:

    There were only 4 elements, but since it’s a widget it affected MANY of the pages.

    Solution Suggestions:
    1) either do a protocol-less link (e.g. src=”//”) or
    2) or do a function that checks in advance for the protocol
    3) Or serve all those assets over HTTPS since they are offsite anyway (to my memory)

  • The topic ‘Insecure Elements with hard-coded HTTP assets’ is closed to new replies.