Google Website Translator provokes mixed content error
Since yesterday, I got mixed content errors on my website in both Chrome
and IE. The error is provoked by the Google Translate script included in
the header:
<script type="text/javascript"
src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script>
I downloaded the file element.js and eventually figured out where the bug
comes from:
var s = window.location.protocol=='https' ? 'https' : 'http'
Using (any) browser console, we can see that the expression
"window.location.protocol" returns "https:" (and not "http") in all secure
websites. Therefore, the script tries to load a bunch of CSS/JavaScript
resources it needs, prefixing their URL with "http" instead of "https".
Which results in the following errors (one per resource):
The page at https://mysite.com ran insecure content from
http://translate.googleapis.com/[something].css
The Google Translate tool is really useful to my users so I cannot remove
it. Also, I tried to download the script and run it locally but it doesn't
work. I spent a lot of time on that issue, am I the only one in that
situation or something changed recently in the Google Translate script?
No comments:
Post a Comment