Quote:
|
Originally Posted by geckoday
An outside source has nothing to do with the secure warnings. A lot of us include google JS code for analytics on our secure pages without a problem. In this case it has even less to do with secure warnings as its a server side include, not a client side include which are the includes that generate security warnings.
The header PHP code would need to generate appropriate href's for http & https to avoid secure warning messages but that's really a moot point. The error message indicates that PHP is configured to not allow includes via URL's - i.e. it only allows local includes. Most hosts do this as a security measure to limit hacker exploits from grabbing malicious code from external servers.
|
That's because the Google Analytics code automatically switches to SSL when you're in SSL mode hence why you don't get the warning. I agree with balinor it causes problems and a lot of customers who are not well informed about security will be automatically turned off should they get a warning about "Insecure Content" on the page and a broken lock.