: Using HTTP (insecure) ad providers on HTTPS (secure) site As more and more browsers adopt stringent checks around preventing insecure content served up on secure sites, there is impact on the
As more and more browsers adopt stringent checks around preventing insecure content served up on secure sites, there is impact on the use of ad networks which in many cases don't support the secure content.
What are some options that exist to continue to leverage the HTTP based ads in a secure site? Note that I am aware of HTTPS ad network providers, but would still like to explore workarounds allowing the use of HTTP (insecure) ad providers.
I see through this question that proxying the requests through an SSL landing page could be an option. Does anyone have experience doing that or more information on this technique?
What other things have people been doing in this context?
Regards.
More posts by @BetL925
2 Comments
Sorted by latest first Latest Oldest Best
You could do what Slashdot used to do:
Require HTTPS for pages directly related to user authentication, such as sign-up, login, password change, OpenID management, and subscription payment. Offer HTTP for all other pages.
Offer HTTPS to subscribers who have paid for ad-free access.
Redirect non-authentication, non-subscriber HTTPS page views back to HTTP so that ads can be displayed. This may hurt your SEO now that Google is ranking HTTPS sites slightly higher. It is also vulnerable to cookie copying attacks such as Firesheep, so be sure to warn users of this when they log in.
I would think that using information served over HTTP on a HTTPS page would defeat some of the purpose of using HTTPS in the first place. HTTPS is meant to be more secure than HTTP, but once you start using HTTP on an HTTPS page you are only as secure as your weakest link, HTTP.
You said you were aware of HTTPS advertising networks, that is probably your safest bet.
If you do try a proxy solution you should make sure you read the Terms of Service, some advertising networks are strict about how you use their code/service.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.