post

Google’s SSL Fail

Though the page is secure, Google Chrome gives the warning at the top in yellow (click for larger view)

This is stunning: I just spent the last two hours tracking down a checkout page problem and it turns out it was Google’s fail on SSL! This from a company that is promoting the hell out of “https” and security.

I went in to our checkout page and tracked every single element to make certain it was secure — and the Woocommerce software we use performs a “force SSL” on page elements to ensure they’re secure — but I just couldn’t figure out why I was receiving a warning in Google Chrome that said, “This page has insecure content.

The problem? Warnings like this are overwhelming for most people and almost ALWAYS why they abandon their shopping carts. When you’re running a business, that’s the LAST thing you want people doing when they’re checking out!

Guess what I discovered after I did a “View Source” and finally an “Inspect Element” of the page viewing the console to see errors? THAT THE WARNING WAS BEING TRIGGERED BY THE GOOGLE FONTS BEING PULLED FROM THEIR SITE. Yep. It was the CSS declaration: @import url(http://fonts.googleapis.com/css?family=PT+Sans); that was the culprit. Simply adding an “s” after “http” fixed it and the warning vanished.

Seriously Google? Perhaps making SSL pulls mandatory will fix it. I know, I know…the SSL adds a lot of overhead and I’ll work on selectively pulling an SSL font just on the checkout pages, but you sure don’t make this stuff any easier with crap like this you guys.