Google’s SSL Fail

May 25, 2012/

Though the page is secure, Google Chrome gives the warning at the top in yellow (click for larger view)

This is stunning: I just spent the last two hours tracking down a checkout page problem and it turns out it was Google’s fail on SSL! This from a company that is promoting the hell out of “https” and security.

I went in to our checkout page and tracked every single element to make certain it was secure — and the Woocommerce software we use performs a “force SSL” on page elements to ensure they’re secure — but I just couldn’t figure out why I was receiving a warning in Google Chrome that said, “This page has insecure content.

The problem? Warnings like this are overwhelming for most people and almost ALWAYS why they abandon their shopping carts. When you’re running a business, that’s the LAST thing you want people doing when they’re checking out!

Guess what I discovered after I did a “View Source” and finally an “Inspect Element” of the page viewing the console to see errors? THAT THE WARNING WAS BEING TRIGGERED BY THE GOOGLE FONTS BEING PULLED FROM THEIR SITE. Yep. It was the CSS declaration: @import url(http://fonts.googleapis.com/css?family=PT+Sans); that was the culprit. Simply adding an “s” after “http” fixed it and the warning vanished.

Seriously Google? Perhaps making SSL pulls mandatory will fix it. I know, I know…the SSL adds a lot of overhead and I’ll work on selectively pulling an SSL font just on the checkout pages, but you sure don’t make this stuff any easier with crap like this you guys.

Posted in  

3 Comments

  1. ROb on August 4, 2013 at 7:54 pm

    What file in Woocomerce was this in?



  2. Steve Borsch on August 5, 2013 at 8:27 am

    Any “@font” declaration is made in the theme’s “style.css” file.



  3. Jeremy Blake on October 25, 2013 at 5:00 pm

    Update: There was a bug in this plugin that broke my theme. I found a workaround in the meantime while the dev’s work it out. Instead of the plugin recommended below, install this plugin, open the tag-pages.php file, and edit the custom post type from “page” to whatever your custom post type is. I documented […]



Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About Steve Borsch

Strategist. Learner. Idea Guy. Salesman. Connector of Dots. Friend. Husband & Dad. CEO. Janitor. More here.

Facebook | Twitter | LinkedIn

Posts Menu

Posts by Category

Archives (2004 – Present)

Tags

#Minnedemo Adobe apple bitcoin bodyscanning civil liberties coffee collaboration communications Computing COVID-19 education Featured flash food formaldehyde HD HD video heavy rain history of computing Internet of Things #IoT iPad London meaning micropayments obama oil organic penny photo archiving photo retouching processed food ps3 Senseo Social Media storytelling toxic TSA Twitter video VPN webconferencing Wikileaks Wordpress Woz

Connecting the Dots Podcast

Podcasting hit the mainstream in July of 2005 when Apple added podcast show support within iTunes. I'd seen this coming so started podcasting in May of 2005 and kept going until August of 2007. Unfortunately was never 'discovered' by national broadcasters, but made a delightfully large number of connections with people all over the world because of these shows. Click here to view the archive of my podcast posts.