Chrome uncaught error "Protocols must match" on G+ sign-in

I have added a G+ registration button on my website, but I continue to see this problem. In most cases, this happens the first time, and if you try to connect after refreshing the page, it works.

Here's the error:

Uncaught SecurityError: Blocked a frame with origin "….com" from accessing a frame with origin "https://accounts.google.com". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.

I saw this "Google+ Sign-In Button Blocked Frame" post, but the solution is not relevant for me.

+4
1 answer

First, I want to emphasize that you really should use https when processing user credentials. If you can, get an SSL certificate and serve your content over https. Using HTTPS, you can prevent MiTM attacks and user information leaks.

That aside, there are a number of potential sources of the warning:

  • If you use the login button from a page served over HTTP instead of the more secure HTTPS, communication with the login servers is sometimes blocked. If the login sometimes works and sometimes does not, this may be the reason.

  • JavaScript (http/https) , Google (http://yoursite.com, https://yoursite.com)

  • JavaScript (, .com , yoursite.com), OAuth .

( ) Google, , .

, , , :

  • cookie 'single_host_origin' 'http://yoursite.com'.
  • , http://.
  • , , cookie .
  • Chrome, , .
  • , , (, <script src="https://foo.bar/include.js" /> <script src="//foo.bar/include.js" />)
0
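
The protocol mismatch behind this error, as an added example that is not part of the original question or answer: the sketch compares two URLs by origin (scheme, host, port) and shows which scheme each `<script src>` is fetched with depending on how the page itself was loaded. The function names and the sample markup are constructed for illustration, and it assumes Node.js with the built-in `URL` class.

```javascript
// Added example (not from the original thread). URLs are constructed samples.
const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

// Break a URL into the three components that make up its origin.
function originParts(url) {
  const u = new URL(url);
  return {
    protocol: u.protocol,
    host: u.hostname,
    port: u.port || DEFAULT_PORTS[u.protocol] || '',
  };
}

// List the origin components that differ; an empty list means same-origin.
function originMismatch(requesterUrl, targetUrl) {
  const a = originParts(requesterUrl);
  const b = originParts(targetUrl);
  return ['protocol', 'host', 'port'].filter((k) => a[k] !== b[k]);
}

// Resolve every <script src> against the page URL and report the scheme each
// is fetched with. A protocol-relative "//host/x.js" inherits the page scheme.
function resolveScriptSources(pageUrl, html) {
  const re = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;
  const out = [];
  let m;
  while ((m = re.exec(html)) !== null) {
    const resolved = new URL(m[1], pageUrl);
    out.push({ src: m[1], resolved: resolved.href, protocol: resolved.protocol });
  }
  return out;
}

// Constructed sample markup using the script URLs quoted in the answer.
const SAMPLE_HTML = `
<script src="https://foo.bar/include.js"></script>
<script src="//foo.bar/include.js"></script>
<script src="/local.js"></script>`;

for (const page of ['http://yoursite.com/', 'https://yoursite.com/']) {
  console.log(page, 'vs accounts.google.com:',
    originMismatch(page, 'https://accounts.google.com/'));
  console.table(resolveScriptSources(page, SAMPLE_HTML));
}
```

Served over HTTPS, the page differs from `https://accounts.google.com` only by host; served over HTTP, the protocol and default port differ as well, which is the condition the error message names.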

Source: https://habr.com/ru/post/1546094/

