All geek questions in one place

Getting javascript libraries from Google / Microsoft CDN via SSL


I get several libraries from CDN from Google / Microsoft.

ONLY one page on the system uses SSL, but since I link to the libraries on the main page, I get javascript libraries using SSL, so the only page that actually requires this does not throw a security error, because access to insecure resources.

I read that the browser cache does not work for most browsers, if the resource is loaded using SSL, my test using a violinist indicates the opposite (Firefox and IE).

What is the truth? I use CDN to improve performance, so if getting the library using SSL is against my goal, I would undo this "improvement".

I could create a code submission to link to the library for the code behind using SSL or not for this case, but I would like to avoid this.

Thank!

+3
source share
2 answers

The common practice is not to cache secure web pages on disk. This effectively negates the benefits of prepared scenarios. In other secure watchdog details, the parties MUST be used with a secure connection. You must choose between convenience and security.

+3
source

You want to enable jquery as follows:

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.js"></script>

Please note that http or https is not specified; This allows the browser to continue any mode in which it is running.

, .

+2

Source: https://habr.com/ru/post/1768443/

More articles:


All Articles