Wednesday, October 13, 2010

Ensure all your external assets are SSL too

Just a quick reminder to link all your assets with https:// when they are under SSL. Since libraries such as jQuery are hosted by third parties such as Google, it's easy to forget to use https. When a user accesses a page under https and some assets are not accessed securely, the user will see a dreaded message warning that the page has some unsecured assets.

In Rails I use the request protocol which returns http: or https://

= javascript_include_tag "#{request.protocol}"

I have updated my Webmaster Launch Checklist to include this item.

Please note this blog is no longer maintained. Please visit CivilCode Inc - Custom Software Development.