by Adactus Ltd
11. August 2011 14:01
When offering HTTPS any content you load from external sources also needs to be loaded over HTTPS as well, otherwise you'll receive errors such as "Only secure content is displayed" and that external CSS, image or JavaScript file will be blocked unless you allow it on each page load. This is often the case with CDN content such as Google's jQuery CDN and jQueryUI etc.
Previously, the only way around this, would be hard code the HTTPS, which forces the HTTPS connection when the site is accessed in HTTP mode as well. But this causes an estimated 3.5% overhead over the standard HTTP, per call. We could use JavaScript to use the appropriate protocol, and the Google Analytics plugin uses this exact technique.
However, there is another way - the protocol-less url way - and it looks like this:
<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js">
</script>
This means that the browser works out which protocol it should be using based on the page that loaded it.
It really works nicely, and more info can be seen here:
