[whatwg] Encrypted HTTP and related security concerns - make mixed content warnings accessible from JS?

timeless timeless at gmail.com
Sat Nov 13 10:38:34 PST 2010

On Sat, Nov 13, 2010 at 2:52 PM, Ingo Chao <i4chao at googlemail.com> wrote:
> The mashup combines components, some of them are not under my control.
> The advertisement service provides 3rd party ads, they will change
> often.

> Including the ad service means that I never know if and when
> someone throws in http content into the mix.

You need a better contract with your advertiser. You need to demand
that they don't provide non https content.

Besides, no advertiser in their right mind wouldn't want to know that
you only want https content. Each time your users load a page and the
advertiser fails to load an ad, the advertiser loses money.

More information about the whatwg mailing list